Skip to content

Adds use case to spec section 1.3. #158

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

Adds use case to spec section 1.3. #158

wants to merge 2 commits into from

Conversation

@mikesamuel
Copy link
Collaborator

@mikesamuel mikesamuel commented May 7, 2019

Addresses

Issue 3: Something about reducing the review surface

Some more motivation might be timely since this is getting more eyes.

@mikesamuel
Adds use case to 1.3.
2eb68a5 
Addresses

> Issue 3: Something about reducing the review surface

Some more motivation might be timely since this is getting more eyes.
koto
koto reviewed May 7, 2019
View reviewed changes
spec/index.bs

The need to create trusted values to affect [=injection sinks=],
combined with additional scrutiny on changes that affect policy
code, incents developers to find novel ways to use safe
Copy link
Member

@koto koto May 7, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

incents developers to use safe abstractions (consider removing "to find novel ways", that to me sounds like finding creative abuse methods, or bypasses).

koto
koto reviewed May 7, 2019
View reviewed changes
spec/index.bs

templating policy and enables enforcement for the DOM sinks.
* A large team maintains a complex client-side application.
They create a number of Trusted Types policies so that
Copy link
Member

@koto koto May 7, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you could remove the details of how the policies behave, and focus that there is a few of them and that they are reviewed. The current description might be too detailed for this section I feel.

Copy link
Collaborator Author

@mikesamuel mikesamuel May 8, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I thought I'd try to get cover tools integration use cases and application use cases in one place. Do you want the bullet points out altogether, separated into different use cases, or made shorter?

Copy link
Member

@koto koto May 8, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps a second use case describing the actual policy shape? Such that it shows that useful restrictions can be defined via policies + types.

Base automatically changed from master to main February 16, 2021 23:23
koto added a commit that referenced this pull request Mar 10, 2021
@koto @mikesamuel
Simplified use case from #158 (#335)
d9612e6 
* Adds use case to 1.3.

Addresses

> Issue 3: Something about reducing the review surface

Some more motivation might be timely since this is getting more eyes.

* simplified the usecase.

* Simplified the use case.

Co-authored-by: Mike Samuel <[email protected]>
@koto
Copy link
Member

koto commented Mar 10, 2021

Obsoleted by #335.

@koto koto closed this Mar 10, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@koto koto koto left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mikesamuel @koto