On 9/16/17 12:32, Ted Hardie wrote:
To avoid that, they would have build udp wireformat parsers into the downloadable javascript.
To be clear, in the scenario I outlined, that's exactly what I was intending to describe. It hadn't even occurred to me that one might form a model, based on that description, that involved routing the information through the local, OS-level stub resolver. Now that you've clarified that confusion, I agree: a system that did so would be terrifyingly difficult to secure. Let's not do that horrible thing.
And I hope my previous explanation was clear: this isn't the primary use case for this work; I used it in my example because it was a very easy way to explain the layering issue to anyone with a basic understanding of the web platform. I wouldn't over-rotate on it. (That said, I know that several people are watching this work precisely because they do want to perform these operations in JavaScript. The input draft does not preclude doing so, and I see no reason to artificially limit the mechanism in a way that prevents it.)
/a