aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJF Bastien <github@jfbastien.com>2015-06-10 10:43:51 +0200
committerJF Bastien <github@jfbastien.com>2015-06-10 10:43:51 +0200
commitc2fcc21766d77bf6ca7758a5e04833ed81d10bdc (patch)
treecf25df77288f13e8e7e27d86c5fb58643f4644c4
parent29e86447dab47e20252c12d684b877b15a74bd71 (diff)
parent6c1128a925f8fb3a6e44d0effe30d36984dd0d54 (diff)
downloadnanowasm-design-c2fcc21766d77bf6ca7758a5e04833ed81d10bdc.tar.gz
Merge pull request #128 from WebAssembly/web-security
Web security: CORS and SRI
-rw-r--r--Web.md15
1 files changed, 11 insertions, 4 deletions
diff --git a/Web.md b/Web.md
index 92fe500..bfc7209 100644
--- a/Web.md
+++ b/Web.md
@@ -11,14 +11,17 @@ A key part of operating on the web is supporting
We've identified interesting implementation approaches which help convince us
that the design, especially that of the [MVP](MVP.md), are sensible:
+* WebAssembly's security model should depend on [CORS][] and
+ [subresource integrity][] to enable distribution, especially though content
+ distribution networks and to implement
+ [dynamic linking](FutureFeatures.md#dynamic-linking).
* A [module](MVP.md#Modules) can be loaded in the same way as an ES6 module
(`import` statements, `Reflect` API, `Worker` constructor, etc) and the result
is reflected to JS as an ES6 module object.
* Exports are the ES6 module object exports.
- * An import first passes the module name to the
- [module loader pipeline](http://whatwg.github.io/loader) and resulting ES6
- module (which could be implemented in JS or WebAssembly) is queried for the
- export name.
+ * An import first passes the module name to the [module loader pipeline][] and
+ resulting ES6 module (which could be implemented in JS or WebAssembly) is
+ queried for the export name.
* There is no special case for when one WebAssembly module imports another:
they have separate [heaps](MVP.md#heap) and pointers cannot be passed
between the two. Module imports encapsulate the importer and
@@ -28,3 +31,7 @@ that the design, especially that of the [MVP](MVP.md), are sensible:
and call an undefined `extern` function and the target JavaScript function
would be given the (mangled) name of the `extern` and put inside the
imported ES6 module.
+
+ [CORS]: http://www.w3.org/TR/cors/
+ [subresource integrity]: http://www.w3.org/TR/SRI/
+ [module loader pipeline]: http://whatwg.github.io/loader