On Thu, Aug 4, 2016 at 4:47 AM, Andrew McCreight <amccrei...@mozilla.com> wrote:
> If you do want to think about it, I'd first read over the work that Chrome > people have already put into thinking about this issue: > http://www.chromium.org/developers/design-documents/site-isolation > > I'm not sure how much they have actually shipped from this initiative, > though. > Neither do I, but I do know they've been working on it for many years and it's really, really hard, at least in legacy code like Chromium. As of 18 months ago, Chrome devs were designing new features without necessarily taking site isolation into account. The question is, how hard would it be to support full site isolation in Servo at this point? If not hard, then it's probably worth maintaining at least as an optional feature for scenarios with abundant memory and maximal security requirements (which, in the future, could be "everyone"). If it is hard, consider giving it up and relying on Rust as the only line of defense between different origins in the same toplevel browsing context. (Supporting multiple content processes like the other browsers already do seems like a no-brainer given that it doesn't add much complexity.) Rob -- lbir ye,ea yer.tnietoehr rdn rdsme,anea lurpr edna e hnysnenh hhe uresyf toD selthor stor edna siewaoeodm or v sstvr esBa kbvted,t rdsme,aoreseoouoto o l euetiuruewFa kbn e hnystoivateweh uresyf tulsa rehr rdm or rnea lurpr .a war hsrer holsa rodvted,t nenh hneireseoouot.tniesiewaoeivatewt sstvr esn _______________________________________________ dev-servo mailing list dev-servo@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-servo