W3C home > Mailing lists > Public > whatwg@whatwg.org > June 2011

[whatwg] comment on a part of the script execution spec, regarding not fully active documents

From: Boris Zbarsky <bzbarsky@MIT.EDU>
Date: Tue, 21 Jun 2011 10:42:32 -0400
Message-ID: <4E00ADD8.6010902@mit.edu>
On 6/21/11 5:21 AM, Hallvord R. M. Steen wrote:
> Another issue I noticed is in the text under the heading "the
> javascript: URL scheme" - specifically the last "otherwise" part of the
> text. This is about trying to navigate a window from a different origin
> to a javascript: URL. Don't we expect a security exception here?

I don't think so, no.

In particular, this check needs to happen right before running the 
script, which happens asynchronously, right?  So at that point throwing 
a security exception doesn't make much sense...

-Boris
Received on Tuesday, 21 June 2011 07:42:32 UTC

This archive was generated by hypermail 2.3.1 : Monday, 13 April 2015 23:09:06 UTC