On 6/18/14, 3:14 PM, Anne van Kesteren wrote:
Revisiting existing classes and making them suitable for subclassing seems like something that would be hard to avoid.
I think the difference for me is whether making a class subclassable before careful auditing means potentially introducing suboptimal behavior (that we presumably fix when either we do the audit or someone reports a bug) or whether it means potentially introducing a security bug.
In the former case, we can conceivably allow subclassing immediately (possibly only in nightly builds or whatnot) and then work on resolving the issues people find. In the latter case the auditing needs to be a lot more stringent before subclassing is allowed, and allowing subclassing without auditing is just a non-starter. I'm OK shipping somewhat buggy code for people to experiment with in nightly builds, but I'm not OK shipping security bugs.
-Boris _______________________________________________ es-discuss mailing list [email protected] https://mail.mozilla.org/listinfo/es-discuss
