On Wed, 9 Jan 2013, James Graham wrote: > On Wed, 9 Jan 2013, Boris Zbarsky wrote: > > On 1/9/13 4:12 PM, Adam Barth wrote: > > > > window.addEventListener.call(otherWindow, "click", function() > > > > {}); > > > > > > This example does not appear to throw an exception in Chrome. It > > > appears to just returns undefined without doing anything (except > > > logging a security error to the debug console). > > > > Hmm. I may be able to convince that turning security errors like this > > into silent no-ops returning undefined is ok, but throwing an > > exception seems like a much better idea to me if you're going to > > completely not do what you were asked to do... The other option > > introduces hard-to-debug bugs. > > FWIW I have run into this behaviour in WebKit in the context of using > the platform, and I considered it very user-hostile. Yeah, we should throw SecurityError exception in these cases IMHO. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'Received on Thursday, 10 January 2013 00:42:39 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 30 January 2013 18:48:12 GMT