>> TLDR ==> The web needs a way to express executable code that does not rely
>> on its parent context, is guaranteed to be side-effect-free, and can be
>> executed safely anywhere (even in a different thread/worker/window/device,
>> or as callback for browser code being executed while the DOM is not ready to
>> be accessed)
> Why "need"? You don't really expose a use case. You only start with
> "It's been some time I've been working on this idea of a..."
>
> Also, one thing is not really clear to me. Are you trying to protect the
> function from its caller/loader or the caller from the function? both?
The use case is at the bottom: I want to be able to use JavaScript functions
inside the browser as part of algorithm customization. For example, use some
JavaScript function as part of the layout computation of an object, or as the
animation timing function.
An arbitrary function can't do the trick here because the browser is in a state
where it cannot execute arbitrary JS on the DOM when he needs this kind of
information, or could be in another thread where it simply can't access the
global variables and all. So, instead of trying a way that would be very
complex to make all DOM API throw in this case, I propose to add a way to make
sure you can't have them.
Then you can check at runtime whether or not a function is "safe" for
out-of-context usage. You can send the function as part of a JSON object, by
the way, and it could be deep-cloned, unlike a normal function.
What I really try to do is to give entire control to the caller regarding what
the function can access. This requires isolating the called function completely
form the outside environment, to the exception of the given arguments.
_______________________________________________
es-discuss mailing list
[email protected]
https://mail.mozilla.org/listinfo/es-discuss
