On 8/8/13 2:50 PM, Ian Hickson wrote:
I'd go further -- I wouldn't expose WindowProxy to other languages at all
Yes, I thought that was more or less what I said. You still need an object to represent navigation contexts, of course.
My point is that either way, if we do this, that means all the security checks have to be on Window, not WindowProxy.
I think that depends on the language and how it represents objects, whether untrusted code in that language is even a concept, etc.
For example, the C++ bindings for Window in browsers presumably do not perform security checks of any sort...
The security checks in the spec right now are very much JS-as-it's-practiced-on-the-web specific. A different language, possibly with a different security model, would want different checks.
-Boris
