On Mon, Sep 25, 2017 at 2:47 PM, Boris Zbarsky <bzbar...@mit.edu> wrote:
> On 9/25/17 3:18 AM, Anne van Kesteren wrote:
>> But it would also be good if we could all communicate this on behalf
>> of Mozilla without caveats. E.g., Chrome might ship worklets soon and
>> being able to object to that happening (specification-wise) on
>> insecure contexts on behalf of Mozilla would be good.
>
> The Chrome intent to shop thread for CSS paint raises some good concerns
> about what exactly it would mean to not support paint worklets in insecure
> contexts.  Do they still parse but just fail to paint?  Do the not parse?
> Note that a _stylesheet_ doesn't have a concept of secure or insecure
> context right now....
It does not seem hard to come up with solutions to those problems, if
we're actually committed to going down this path. Especially if we're
all aligned that the goal is restrict as many new features to secure
contexts as possible. (E.g., just like globals have isSecureContext,
there could be a media query that can be used from CSS for the same
purpose. Or @supports could be used if we make parsing fail.)


-- 
https://annevankesteren.nl/
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform

Reply via email to