W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2011

Re: [XHR2] Disable new response types for sync XHR in Window context

From: Jonas Sicking <jonas@sicking.cc>
Date: Tue, 15 Nov 2011 11:33:38 -0800
Message-ID: <CA+c2ei-nMUR8MVHkDh7TC-+JxcJkQ0eF=KD=Gy7irzL8pgXBfg@mail.gmail.com>
To: Anne van Kesteren <annevk@opera.com>
Cc: Webapps WG <public-webapps@w3.org>, Olli Pettay <Olli.Pettay@helsinki.fi>, "olli@pettay.fi" <olli@pettay.fi>
On Tue, Nov 15, 2011 at 4:22 AM, Anne van Kesteren <annevk@opera.com> wrote:
> On Mon, 14 Nov 2011 17:55:25 +0100, Jonas Sicking <jonas@sicking.cc> wrote:
>> Yes, I think cross-origin should not work with sync. That is currently the
>> only synchronous communication mechanism cross origin. Without it a UA
>> could put up UI if it wants to explicitly allow users to control such
>> communication.
> Eww. But you agree with my suggestion about exceptions? I can put that in
> the specification and push to get it implemented in Opera, but it would help
> if you said you agreed with the specifics to avoid surprises down the road.

So if I understand the proposal correctly:

After .open has been called with async=false:
* setting .responseType to anything other than "" throws InvalidAccessError
* setting .wirthCredentials to true throws InvalidAccessError

Additionally, when calling .open with async=false, throw
InvalidAccessError if .responseType is set to anything other than ""
or .withCredentials is true.

If that's the proposal, then this sounds good to me.

/ Jonas
Received on Tuesday, 15 November 2011 19:35:03 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:36 UTC