Adds use case to spec section 1.3. #158
Addresses
> Issue 3: Something about reducing the review surface

Some more motivation might be timely since this is getting more eyes.
|
||
The need to create trusted values to affect [=injection sinks=], | ||
combined with additional scrutiny on changes that affect policy | ||
code, incents developers to find novel ways to use safe |
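Review bot: In the first line of this hunk, "trusted values to affect [=injection sinks=]" leaves the relationship between the value and the sink unclear, since a trusted value is passed to a sink rather than affecting it. Suggest "The need to create trusted values to pass to [=injection sinks=]", so the sentence reads as a statement about where values must come from.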
incents developers to use safe abstractions (consider removing "to find novel ways", that to me sounds like finding creative abuse methods, or bypasses).
|
||
templating policy and enables enforcement for the DOM sinks. | ||
* A large team maintains a complex client-side application. | ||
They create a number of Trusted Types policies so that |
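Review bot: The first line of this hunk says "the DOM sinks" where the paragraph above uses the defined term [=injection sinks=]. Using the linked term here as well keeps the section consistent and avoids suggesting that enforcement covers a different set of sinks.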
I think you could remove the details of how the policies behave, and focus on the fact that there are a few of them and that they are reviewed. The current description might be too detailed for this section, I feel.
I thought I'd try to cover tools integration use cases and application use cases in one place. Do you want the bullet points out altogether, separated into different use cases, or made shorter?
Perhaps a second use case describing the actual policy shape? Such that it shows that useful restrictions can be defined via policies + types.
* Adds use case to 1.3.

  Addresses
  > Issue 3: Something about reducing the review surface

  Some more motivation might be timely since this is getting more eyes.
* simplified the usecase.
* Simplified the use case.

Co-authored-by: Mike Samuel <mikesamuel@gmail.com>

Obsoleted by #335.