Re: Defining exotic objects in IDL, HTML, or both?

On 10/16/15 11:33 AM, Domenic Denicola wrote:
> What is the downside of just using the same WindowProxy and Location objects?

As I just said to Anne on IRC, the goal of this exercise is to define 
some properties that:

1)  Give us the right security guarantees.
2)  Are self-consistent.
3)  Don't overconstrain implementation.

Because we need to get several UAs with widely divergent security 
architectures to agree here.

The goal is that if your proposal is not black-box distinguishable from 
the spec, then it's a perfectly fine implementation of the spec.

> Otherwise we're going to have to do a willful violation of ES262 with regard to === semantics, if I am understanding correctly.

Gecko, with our membrane setup does not need any such violation.

I can't speak to other implementation strategies.

I'm open to whatever spec language we care to write which allows the 
variety of implementation strategies we want to allow while providing 
the guarantees we desire.

I'm assuming you have at least skimmed 
<https://www.w3.org/Bugs/Public/show_bug.cgi?id=20701>.  If you have 
not, you should.  Please pay particular attention to abarth's comments, 
since those have the most to do with the "object per origin" semantics 
(which are what Blink currently implements) and also pay attention to 
https://www.w3.org/Bugs/Public/show_bug.cgi?id=20701#c87 and 
https://www.w3.org/Bugs/Public/show_bug.cgi?id=20701#c105 at the very least.

It would be nice to stop retreading the same ground and make forward 
progress.  ;)

-Boris

Received on Friday, 16 October 2015 15:49:37 UTC