- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Tue, 20 Oct 2015 09:11:51 +0200
- To: Bobby Holley <bholley@mozilla.com>
- Cc: Boris Zbarsky <bzbarsky@mit.edu>, Domenic Denicola <d@domenic.me>, Cameron McCormack <cam@mcc.id.au>, www-archive <www-archive@w3.org>
On Mon, Oct 19, 2015 at 10:24 PM, Bobby Holley <bholley@mozilla.com> wrote: > On Mon, Oct 19, 2015 at 7:06 AM, Anne van Kesteren <annevk@annevk.nl> wrote: >> Yeah, Window seems like a distinct problem since it already has a dual >> setup with WindowProxy and Window. > > Sure, but I think it would be better to specify uniform behavior for > cross-origin objects without relying on the WindowProxy, if possible. In > Gecko's implementation, cross-origin object behavior is mostly orthogonal to > WindowProxy stuff. > >> And it is not marked [Unforgeable] >> which means same-origin and cross-origin will differ quite a bit. > > Between same-origin and cross-origin Window yes. But not between > cross-origin Window and cross-origin Location, which is why I'm suggesting > specifying those two things together. When I go over the problem in my head, I have to say that putting all the logic in WindowProxy seems much more appealing. Similarly to putting all the logic in Location. And where Location would forward to its own properties in the same-origin case, WindowProxy would simply forward to the underlying Window object. And for the cross-origin case, both WindowProxy and Location would wrap the returned safelisted properties appropriately. But let me try to write some prose and put that in a repository so we have an idea of what the end result could be. That would hopefully also make it easier to think through "what if we did X instead". -- https://annevankesteren.nl/
Received on Tuesday, 20 October 2015 07:12:30 UTC