Le 26/09/2013 14:44, Anne van Kesteren a écrit :
On Thu, Sep 26, 2013 at 12:22 AM, Brendan Eich <[email protected]> wrote:
Boris Zbarsky wrote:
The web _does_ in general rely on being able to apply methods from some
built-in (including DOM) prototype in one realm to objects from another
realm.
This goes back to the dawn of JS. You can set location on a reachable frame
or window, even if not same-origin.
Probably does not matter much, but the cross-origin case might become
proxy objects long term due to process isolation.
It seems like it matters a lot. If that's not already the case, would
that break the web when that happens?
Formulated differently: does the web has requirements making such
process isolation impossible? If no, can the specs and implementations
can be changed now to make process isolation possible?
David
_______________________________________________
es-discuss mailing list
[email protected]
https://mail.mozilla.org/listinfo/es-discuss
