Self-hosting has its advantages, in particular optimizers have a really hard time with FFI boundaries. The big problem is security, since it's easy to mess up when both sides of a security boundary are in one language.
-
-
-
if your privileged code is moved into the sandbox, then "unprivileged code can't escape the sandbox" isn't necessarily that strong of a statement anymore
1 reply 0 retweets 1 like -
What’s the privilege boundary here? Not being facetious. The self-hosted DOM of my dreams would follow the principle “functions that the user can compatibly polyfill in JS are in JS, while others remain in Rust”.
1 reply 0 retweets 0 likes -
Maybe that doesn’t result in very much self-hosting in practice. Dunno.
2 replies 0 retweets 0 likes -
cc
@ManishEarth: Here’s another silly idea: What if you could never store a strong reference from Rust code to a DOM object, ever? All JS object pointers would be forced with lifetimes to be stack-only. Use the reserved slot API and native JS collections for object data.2 replies 0 retweets 2 likes -
How do you create new objects? Create a rooting context first? (This is what josephine does, innit?)
1 reply 0 retweets 0 likes -
Yeah, there would be some sort of context object bound to a lifetime that you could make objects with. That would also be the lifetime for roots. No need for DOMRefCell. No need for cursor objects. No need for Traceable. No need for custom collections: just use regular JS Arrays
1 reply 0 retweets 0 likes -
Replying to @pcwalton @ManishEarth and
This is how Objective-C works, as a point of comparison. They solve the problem of regular C code not knowing anything about automatic reference counting by just banning all Obj-C objects from C containers. You can only use NSArray, etc.
2 replies 0 retweets 3 likes -
We have a bunch of cases where there's a complex type stored inside a DOM object. Especially enums.
1 reply 0 retweets 0 likes
It’s still possible to have complex objects stored inside DOM objects, with the “Rust object wrapper” I’m proposing. Just not complex objects that themselves hold onto DOM objects. Those would have to be replaced with alternatives.
-
-
Yeah, the latter is what I'm talking about
1 reply 0 retweets 1 like -
Replying to @ManishEarth @pcwalton and
When I say complex I mean a mix of rust and js stuff.
2 replies 0 retweets 0 likes - 7 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.