[webkit-dev] Isolated world tests
Oliver Hunt
oliver at apple.com
Mon Jul 6 18:44:38 PDT 2009
On Jul 6, 2009, at 5:37 PM, Eric Seidel wrote:
> Currently WebKit avoids this need for Safari directly, by having
> separate Obj-C and JS bindings around DOM objects. Properties/
> getters/setters added through JS do not affect the Obj-C bindings.
> Other embedders which call directly through the JS bindings could
> currently have implementation problems w/o Isolated World
> functionality.
I'm unsure what you mean by this? V8 could just as easily have COM or
C bindings. The specific issue that "Isolated Worlds" is a feature
designed specifically to deal with potential vulnerabilities in
JavaScript so bindings for other languages aren't really relevant.
--Oliver
>
> -eric
>
> On Wed, Jul 1, 2009 at 11:07 PM, Oliver Hunt <oliver at apple.com> wrote:
>
> On Jul 1, 2009, at 10:59 PM, Adam Barth wrote:
>
> On Wed, Jul 1, 2009 at 7:50 PM, Maciej Stachowiak<mjs at apple.com>
> wrote:
> We generally wouldn't accept WebKit features that only work with V8,
> even if
> other ports may not immediately plan to use them.
>
> I support this principle.
>
> I haven't thought through whether this particular feature
> should be an exception.
>
> The main arguments are as follows:
>
> 1) Isolated worlds is not a web platform feature. Adding the feature
> to V8 and not to JSC does not create an incompatibility between the
> two engines. The observable behavior from web content is the same.
>
> WebKit is not just a web platform API -- it is used in a wide
> variety different applications -- that said, if this feature wasn't
> relevant to WebKit it wouldn't need to be in WebKit
>
>
>
> 2) The purpose of implementing isolated worlds is so the app can
> implement an app-specific feature (extensions). Implementing
> extensions in another app requires a lot more than just isolated
> worlds.
>
> However if isolated worlds is necessary to provide effective
> security controls in any application that wished to be extensible in
> the face of arbitrary untrusted content, and it needs to be in
> webcore (if it doesn't my prior comment applies, this doesn't need
> to be in the webkit tree) then any application that wishes to use
> webkit will need webkit to provide this unless every application
> shipped its own copy of webkit with its own implementation of
> isolated worlds.
>
>
>
> 3) I don't foresee the implementation touching any source files
> outside of WebCore/bindings/v8. Other ports do not need to bear any
> costs because of isolated worlds.
>
> As i've said if isolated worlds has a real usecase then there is no
> reason to not actually provide it
>
>
>
> In general, I think using regression tests for features that are not
> directly exposed to Web content, but implemented in WebCore/WebKit, is
> reasonable. For example we have tests that check that WebKit's
> delegate
> methods relating to load progress are dispatched in the correct order.
>
> Perhaps I've been indoctrinated into the cult, but I wouldn't want to
> work on something without writing tests.
>
> Agreed, and what JS engine is being used should not effect the
> results of those tests.
>
>
> _______________________________________________
> webkit-dev mailing list
> webkit-dev at lists.webkit.org
> http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-dev/attachments/20090706/fa90f6fe/attachment.html>
More information about the webkit-dev
mailing list