I wish writing safe DOM code were as easy as "just use Rust", but it isn't. There are thorny issues around rooting and GC that are not yet solved. (This is *not* to say C or C++ are fine for DOM code. They make the problem worse.)
-
-
if your privileged code is moved into the sandbox, then "unprivileged code can't escape the sandbox" isn't necessarily that strong of a statement anymore
-
What’s the privilege boundary here? Not being facetious. The self-hosted DOM of my dreams would follow the principle “functions that the user can compatibly polyfill in JS are in JS, while others remain in Rust”.
- 16 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.