- From: Bobby Holley <bholley@mozilla.com>
- Date: Fri, 16 Oct 2015 11:12:52 -0700
- To: Anne van Kesteren <annevk@annevk.nl>
- Cc: Bobby Holley <bholley@mozilla.com>, Boris Zbarsky <bzbarsky@mit.edu>, Domenic Denicola <d@domenic.me>, Cameron McCormack <cam@mcc.id.au>, www-archive <www-archive@w3.org>
- Message-ID: <CAKBxTcKMSUg23w-posNUgpLKgsoyM6qRkP1ocPiHfo_DwOy02w@mail.gmail.com>
On Fri, Oct 16, 2015 at 10:56 AM, Anne van Kesteren <annevk@annevk.nl> wrote: > My main problem is that the Etherpad doesn't list all the invariants. > Happy to clarify any that are missing - see also the tests. > E.g., that same-origin Location objects still need security checks was > not listed. That's a property of the Location object, not of the behavior of cross-origin objects. > And one of Adam's concerns was not wanting to deal with > non-ES5-stuff, whereas this depends heavily on proxies. I don't quite follow here. Are you saying that the only way to make this proposal work in an ES world is to use proxies/membranes? IIRC, Adam's basic position was to specify something that allowed Blink to continue its reference-rewriting under the hood. > So if we're > going to have proxies anyway, do we really need to mint one > per-origin? The origin of the 'minting' concept was to be safe-by-default in case the spec missed a corner case. The idea is that the spec can offer the basic invariant that "No ES object from one origin should ever be exposed to another origin", and engines can assume that the spec will never require them to do that (which was important to Adam). This is less important than Gecko thanks to wrappes, so we ignore this under the hood. But the idea is that this should never be observable. > (It does seem like we need multiple underlying objects to > deal with "expandos" properly.) There are no expandos on cross-origin objects. The thing that makes this tricky is the prototype chain of methods that you pull off of a cross-origin object. And does minting a new object > per-origin correctly deal with navigation, a case that is also not > covered? > I am not aware of any problems that navigation might cause. Can you be more specific? > I looked at the tests too and had some questions. > > > https://github.com/w3c/web-platform-tests/blob/master/html/browsers/origin/cross-origin-objects/win-documentdomain.html > talks about frameURI but that is never used. What is its function? > I'm not sure, it can probably be removed. > > https://github.com/w3c/web-platform-tests/blob/master/html/browsers/origin/cross-origin-objects/frame.html > overrides window.frames. I guess that's just an example of overriding > a property that's also whitelisted? Should that become a more > expansive test also testing the other whitelisted properties? > The point of it is to demonstrate that cross-origin observers "get XrayWrappers" to the Window.
Received on Friday, 16 October 2015 18:13:43 UTC