UI browser API boundaries

Contract

Browser-only behavior stays behind the Go-facing runtime helper introduced in Mounting and updates. Product modules mount a root Go function with gxwasm.Mount, request rerenders with gxwasm.Update, and express browser interactions through the intrinsic callback properties from v0.1.6.

The v0.1.x browser helper owns only DOM selection, DOM rendering, update scheduling, unmount cleanup, and callback wiring for button click, form submit, input input, and input change.

Product modules must not expose global window.<Module> facades, inline event-handler attributes, inline scripts, or secret-bearing DOM attributes. The allowed script loading pattern is a framework-owned external WebAssembly bootstrap plus its generated support files. CSP verification checks that the host page can run without inline script approval and without inline event handlers.

Any additional browser API requires a new versioned page and implementation patch before product code depends on it.

Consequence

Local hand-written JavaScript in a product module usually means a reusable Go-facing helper is missing.

UI framework index

Sources

• Mounting and updates
• Intrinsic interactive elements