- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Tue, 26 Nov 2013 11:28:12 +0000
- To: Brad Hill <hillbrad@gmail.com>
- Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
On Mon, Nov 25, 2013 at 10:41 PM, Brad Hill <hillbrad@gmail.com> wrote: > https://dvcs.w3.org/hg/user-interface-safety/raw-file/6e5a766786c0/user-interface-safety.html Do we really want to add a new dependency on XPath? And in particular a new one as I don't think we have a primitive in the platform today that generates an expression for a given node. We are trying to stay away from XML and XSLT quite decisively so this seems surprising. As for the unsafe property. You need to add [Unforgeable] to its IDL. "The value should not not be set unless triggered by user initiated actions." does not make sense. The property will always return a value. Either true or false. The "UI Event handling" section also cannot really be implemented. It uses many terms such as "compositor" and "layers" that do not really have a definition in the layout standards we have today. I haven't really studied the document in detail, but based on the above it does not seem ready to me. -- http://annevankesteren.nl/
Received on Tuesday, 26 November 2013 11:28:40 UTC