W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2008

Re: responseXML/responseText exceptions and parseError

From: Julian Reschke <julian.reschke@gmx.de>
Date: Thu, 19 Jun 2008 12:09:42 +0200
Message-ID: <485A3066.1030001@gmx.de>
To: timeless@gmail.com
CC: "public-webapps@w3.org" <public-webapps@w3.org>

timeless wrote:
>> generally what i've seen is that exposing some information about a
>> parse error to a script is a great way to enable data leaks to a
>> malicious application.
> On Thu, Jun 19, 2008 at 11:19 AM, Julian Reschke <julian.reschke@gmx.de> wrote:
>> Could you please provide some more information or give an example about when
>> this would be the case?
> this is the replacement spec which doesn't support this feature (which
> also implies that people might have had a reason):
> http://dev.w3.org/csswg/cssom/#the-cssstylesheet
> Statements that were dropped during parsing can not be found using these APIs.
> ...

Can you provide an example where providing *XML* parse error information 
within *XHR* would be problematic?

BR, Julian
Received on Thursday, 19 June 2008 10:10:24 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:10 UTC