W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2008

Re: responseXML/responseText exceptions and parseError

From: timeless <timeless@gmail.com>
Date: Thu, 19 Jun 2008 13:21:30 +0300
Message-ID: <26b395e60806190321j1e430316p46057bfa11cde847@mail.gmail.com>
To: "Julian Reschke" <julian.reschke@gmx.de>
Cc: "public-webapps@w3.org" <public-webapps@w3.org>

On Thu, Jun 19, 2008 at 1:09 PM, Julian Reschke <julian.reschke@gmx.de> wrote:
> Can you provide an example where providing *XML* parse error information
> within *XHR* would be problematic?

i really shouldn't have to. imagine a document that is not CSS and is not XML.

now imagine an api that lets you try to load it as css. imagine that
this api exposes a dom object that describes *any* information from
that document in the case that it fails to parse as css.

basically it meant that you can interrogate pages that you weren't
supposed to be able to look at to get information you weren't supposed
to have.

now replace 'css' with 'xml'. The logic still applies.

And yes, I understand you'll wave hands about "this is a trusted
application". I don't care. If it's a trusted application, then I
trust it not to make mistakes and to have ways to verify the
information server side before it's ever sent on any wires.
Received on Thursday, 19 June 2008 10:22:12 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:26 GMT