On Thu, Oct 17, 2019 at 1:05 PM <ikilpatr...@chromium.org> wrote:

>
> These features (broadly speaking) are different however. According to the
> above policy:
> "Exceptions to requiring secure contexts"
> " - other browsers already ship the feature insecurely"
>
> Most (all?) of the non-trivial features above have shipped in other
> browsers insecurely before shipping in Firefox, hence the above exception
> applies.
>

But it also says: "In contrast, a new CSS color keyword would likely not be
restricted to secure contexts." Given that this is a new value for
grid-template-*, and not a new CSS property, I'd argue it doesn't apply.


> "subgrid" is different as Firefox is shipping this feature first.
>

I believe we were also first to ship the support for multiple display
values, but again those are values. And I think we're the first on
::marker. These were not restricted.


> > As far as I know we don't even have a mechanism that I could
> > have used to restrict subgrid to secure contexts.  And to be
> > clear: I have no intention of blocking subgrid on waiting for
> > such a mechanism.
>
> This should just involve passing a isSecureContext flag into the your CSS
> parser?
>

There's also the consideration as to whether allowing grid in non-secure
contexts, but NOT subgrid, even makes sense. I think it would oddly
fracture support for grid layouts as a whole (or at least potentially make
things confusing for developers — it's certainly more confusing than just
restricting access to a single property like backdrop-filter or something).
Perhaps we should ask what the value of restricting only subgrid to secure
contexts even brings. If part of the spirit of the policy (at least the
part that applies here) is to quicken adoption of secure contexts, is the
value of subgrid's contribution to this endeavor worth the trade-off of
potential user confusion?


> Given this shouldn't a "...Mozilla’s Distinguished Engineers to judge the
> outcome..."?
>

It's an interesting test of the policy. Thanks for bringing it up :)
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform

Reply via email to