-
Notifications
You must be signed in to change notification settings - Fork 56
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow using Crypto.getRandomValues() in Shadow Realms #361
base: main
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This exposes much more in Shadow Realms, no?
My understanding at this point is that we will not expose anything behind |
I think it's worth adding explicit But maybe we should also take a step back and have a discussion on that as it's not clear to me what principles are behind it. At least to me it seems somewhat reasonable to offer UUIDs. But perhaps we don't want the additional |
I don't know that much about ShadowRealms, but I would intuitively expect A more general comment: this PR only talks about Shadow Realms but the diff makes the Also, the WebIDL spec says:
That being said, I'm not sure if there's any significant concern about exposing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks correct, but you should make it clear in OP what other PR this depends on and that this cannot merge before that as UniversalGlobalScope is not a thing as far as I know.
ArrayBufferView getRandomValues(ArrayBufferView array); | ||
[SecureContext] DOMString randomUUID(); | ||
[Exposed=*, SecureContext] DOMString randomUUID(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Isn't this Exposed=* superfluous because the whole interface is exposed *?
Note that this depends on the introduction of
UniversalGlobalScope
in whatwg/html#9893.Closes #338
The following implementers have shown interest:
The following tasks have been completed:
Implementation issues:
Preview | Diff