- From: timeless <timeless@gmail.com>
- Date: Thu, 19 Jun 2008 11:07:59 +0300
- To: "Julian Reschke" <julian.reschke@gmx.de>
- Cc: "public-webapps@w3.org" <public-webapps@w3.org>
Ian Hickson wrote: > Mozilla shows the XML error in its error console, which seem more useful > than exposing the error to script, really. (I expect other browsers do the > same but I haven't checked as recently.) On 6/19/08, Julian Reschke <julian.reschke@gmx.de> wrote: > That's useful, but IMHO not nearly as useful as giving the script code the > ability to access the information. Sometimes errors happens in the absence > of the developer, and it's useful to have an easy and automatable way to get > the diagnostics. this always scares me. i'm sure the context is "all information available is only being provided to a trusted source", however.... generally what i've seen is that exposing some information about a parse error to a script is a great way to enable data leaks to a malicious application. iirc mozilla isn't planning on implementing certain css error structures for this reason....
Received on Thursday, 19 June 2008 08:08:42 UTC