allen at wirfs-brock.com
Thu Aug 1 09:09:17 PDT 2013
On Aug 1, 2013, at 7:41 AM, Boris Zbarsky wrote:
> (Sorry for breaking threading; catching up on the archives.)
> The special thing about [[Enumerable]] is a bit of a red herring. What the spec should say is that if you're looking at a non-same-origin Document or Window then you shouldn't be able to tell what properties it has at all, since that's a cross-site information leak.
> Hixie did the [[Enumerable]] thing presumably just because he didn't realize how getOwnPropertyNames behaves.
or that someone could simply do access probes for likely property names?
In sounds like the actual intent is the Document and Window must be exotic objects (ES6-speak) that do caller origin filtering on all MOP operations applied to them. Presumably that is what the FF proxies implement.
This whole discussion and the related https://www.w3.org/Bugs/Public/show_bug.cgi?id=20567 "change [[Prototype]]" thread sure feel like Wack-A-Mole exercises.
It sounds like we don't actually have a complete/understandable/rational model of how the Document/Window rooted object model is supposed to behave as a data structure shared among Realms/processes/host domains, etc. It isn't even clear to me whether that level of direct sharing is actually needed (except for compatibility issues).
Is it feasible to reboot the design and then go back and see what compatibility shims need to be put in front of a new model.
Unless something like that is done I fear that Wack-a-Mole will continue forever without anything actually getting better.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the es-discuss