Re: Defining exotic objects in IDL, HTML, or both?

On Fri, Oct 16, 2015 at 10:56 AM, Anne van Kesteren <annevk@annevk.nl>
wrote:

> My main problem is that the Etherpad doesn't list all the invariants.
>

Happy to clarify any that are missing - see also the tests.


> E.g., that same-origin Location objects still need security checks was
> not listed.


That's a property of the Location object, not of the behavior of
cross-origin objects.


> And one of Adam's concerns was not wanting to deal with
> non-ES5-stuff, whereas this depends heavily on proxies.


I don't quite follow here. Are you saying that the only way to make this
proposal work in an ES world is to use proxies/membranes? IIRC, Adam's
basic position was to specify something that allowed Blink to continue its
reference-rewriting under the hood.


> So if we're
> going to have proxies anyway, do we really need to mint one
> per-origin?


The origin of the 'minting' concept was to be safe-by-default in case the
spec missed a corner case. The idea is that the spec can offer the basic
invariant that "No ES object from one origin should ever be exposed to
another origin", and engines can assume that the spec will never require
them to do that (which was important to Adam). This is less important than
Gecko thanks to wrappes, so we ignore this under the hood. But the idea is
that this should never be observable.


> (It does seem like we need multiple underlying objects to
> deal with "expandos" properly.)


There are no expandos on cross-origin objects. The thing that makes this
tricky is the prototype chain of methods that you pull off of a
cross-origin object.

And does minting a new object
> per-origin correctly deal with navigation, a case that is also not
> covered?
>

I am not aware of any problems that navigation might cause. Can you be more
specific?


> I looked at the tests too and had some questions.
>


>
> https://github.com/w3c/web-platform-tests/blob/master/html/browsers/origin/cross-origin-objects/win-documentdomain.html
> talks about frameURI but that is never used. What is its function?
>

I'm not sure, it can probably be removed.


>
> https://github.com/w3c/web-platform-tests/blob/master/html/browsers/origin/cross-origin-objects/frame.html
> overrides window.frames. I guess that's just an example of overriding
> a property that's also whitelisted? Should that become a more
> expansive test also testing the other whitelisted properties?
>

The point of it is to demonstrate that cross-origin observers "get
XrayWrappers" to the Window.

Received on Friday, 16 October 2015 18:13:43 UTC