On 7/22/09 12:24, [email protected] wrote:
Actually ... come to think of it -- lucas.e.smith added comments to
the bug report:
http://code.google.com/p/google-caja/issues/detail?id=1073
Based on that, I am inclined to conclude then that you folks really
need a full tamed XML DOM. Is that correct?
hm. in practice, I suspect most developers use only a small
subset of the dom, but of course the union of the subsets in use
might be close to the full dom.
I'm wary of how large the js runtime is getting, but working with
xml objects is pretty common.
I think xpath is the argument for tamed dom instead of pseudo-dom
over json object, but I'm not clear on the implications of allowing
a cajoled gadget to call xpath. if it turns out you need to
reimplement xpath in safe js, then it's a tossup again.
