- From: timeless <timeless@gmail.com>
- Date: Thu, 19 Jun 2008 12:55:29 +0300
- To: "Julian Reschke" <julian.reschke@gmx.de>
- Cc: "public-webapps@w3.org" <public-webapps@w3.org>
> generally what i've seen is that exposing some information about a > parse error to a script is a great way to enable data leaks to a > malicious application. On Thu, Jun 19, 2008 at 11:19 AM, Julian Reschke <julian.reschke@gmx.de> wrote: > Could you please provide some more information or give an example about when > this would be the case? this is the replacement spec which doesn't support this feature (which also implies that people might have had a reason): http://dev.w3.org/csswg/cssom/#the-cssstylesheet Statements that were dropped during parsing can not be found using these APIs. Here's a gateway to the old spec and the bug and some discussion: http://en.wikipedia.org/wiki/Comparison_of_layout_engines_(DOM)#Style_.28CSS_Fundamental.29 Interface CSSUnknownRule DOM2 (no properties) No ? No [13] https://bugzilla.mozilla.org/show_bug.cgi?id=35618#c10 == Note to self: find out how to ask about the cssom spec ... http://dev.w3.org/csswg/cssom/#cssstyledeclaration If parsing the value returns "null" abort this algorithm. Note: value can not include !important. specifically what does "can not" mean (it's not an RFC "MUST NOT", but typically one would want SHOULD NOT, or MAY NOT, or if you're trying to be flexible "might not" [not rfc, but also not as confusing])
Received on Thursday, 19 June 2008 09:56:19 UTC