Is there any documentation yet on how locker service fits in with lightning web components? If yes,
- What are the implications of locker service on lightning web components?
- What are locker service guidelines to work with lightning web components?
[SalesForce] Locker service and lightning web components
Related Topic
- [SalesForce] Lightning components and locker service
- [SalesForce] An Alternative To “For Loop” With Locker Service Enabled
- [SalesForce] Lightning Component – Locker Service Issue – Dynamically created element and addEventListener
- [SalesForce] Lightning Web Components – Benefits and Support
- [SalesForce] Is it possible to disable Locker Service for Lightning Web Components? (I mean LWC and not Aura Components!)
Best Answer
If you have access to the spring19 pre release org you can explore the documents on the "lightning web components security via locker service" in developer guide. The docs are available for lockerservice @ (YourDomain.lightning.force.com/docs/component-library/documentation/lwc/lwc.security_locker_service)
Lets highlight some key points from document
DOM Access Containment
You cannot use document.querySelector() and the syntax to access the shadow DOM will be
this.template.querySelector()Secure Wrappers
Still you will need SecureWindow, SecureDocument , SecureObject (All these were available in aura locker). On top of it you also have new secure elements SecureLightningElement and SecureTemplate.
SecureLightningElement is a base class that every lightning web component extends from .
SecureTemplate is the shadowRoot node .The docs list which APIS are not supported .
Restrict access to Global Variables
Global variables like $Aura,$A, sfdc and sforce are all restricted .
CSP Support
All Javascript libraries needs to be referenced from static resource and all external images , fonts and CSS needs to use HTTPS .
Except for IE11 ,the locker security principles are applied to the lightning web components as well .