On Thu, Oct 17, 2019 at 1:05 PM <ikilpatr...@chromium.org> wrote: > > These features (broadly speaking) are different however. According to the > above policy: > "Exceptions to requiring secure contexts" > " - other browsers already ship the feature insecurely" > > Most (all?) of the non-trivial features above have shipped in other > browsers insecurely before shipping in Firefox, hence the above exception > applies. >
But it also says: "In contrast, a new CSS color keyword would likely not be restricted to secure contexts." Given that this is a new value for grid-template-*, and not a new CSS property, I'd argue it doesn't apply. > "subgrid" is different as Firefox is shipping this feature first. > I believe we were also first to ship the support for multiple display values, but again those are values. And I think we're the first on ::marker. These were not restricted. > > As far as I know we don't even have a mechanism that I could > > have used to restrict subgrid to secure contexts. And to be > > clear: I have no intention of blocking subgrid on waiting for > > such a mechanism. > > This should just involve passing a isSecureContext flag into the your CSS > parser? > There's also the consideration as to whether allowing grid in non-secure contexts, but NOT subgrid, even makes sense. I think it would oddly fracture support for grid layouts as a whole (or at least potentially make things confusing for developers — it's certainly more confusing than just restricting access to a single property like backdrop-filter or something). Perhaps we should ask what the value of restricting only subgrid to secure contexts even brings. If part of the spirit of the policy (at least the part that applies here) is to quicken adoption of secure contexts, is the value of subgrid's contribution to this endeavor worth the trade-off of potential user confusion? > Given this shouldn't a "...Mozilla’s Distinguished Engineers to judge the > outcome..."? > It's an interesting test of the policy. Thanks for bringing it up :) _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
