Re: [XHR] security issue with spec's "same-origin" and the Document pointer

On Mon, 24 Nov 2008, Hallvord R. M. Steen wrote:
> 
> The point is that there *is* no document pointer until you call the 
> constructor - per the spec. And once that script calls the constructor 
> and the document pointer is created, the associated window has a 
> different document in it from a different origin. Hence the document 
> pointer will reference a document from a different origin than the 
> script itself has, and same-origin comparisons will pass when they 
> should fail and vice versa.

Valid point; the XHR spec should use the "script document context" as the 
Document instead. Warning though, this part of the HTML5 spec is 
definitely unstable.

http://www.whatwg.org/specs/web-apps/current-work/#script-document-context

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

Received on Monday, 24 November 2008 20:58:38 UTC
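
The binding problem discussed in this message, as an added example that is not part of the original e-mail or of any specification text: a toy JavaScript model comparing a Document pointer taken from the window's current document at constructor time with one taken from the script's own document. ToyDocument, ToyWindow, ToyScript and both bind functions are hypothetical names, and the origins are constructed.

```javascript
// Toy model only (not browser internals); every name here is hypothetical.
class ToyDocument {
  constructor(origin) { this.origin = origin; }
}
class ToyWindow {
  constructor(doc) { this.document = doc; }
  navigate(doc) { this.document = doc; } // same window object, new document
}
class ToyScript {
  // A script remembers the window it runs in and the document that loaded it.
  constructor(win) { this.window = win; this.ownDocument = win.document; }
}

// Rule A: the pointer is the window's document at the moment the
// constructor is called (the behaviour the quoted message objects to).
function bindToWindowDocument(script) { return script.window.document; }

// Rule B: the pointer is the document the calling script belongs to
// (the direction suggested in the reply).
function bindToScriptDocument(script) { return script.ownDocument; }

// Same-origin check as performed against the Document pointer.
function sameOriginAllowed(pointer, targetUrl) {
  return pointer.origin === new URL(targetUrl).origin;
}

// Constructed scenario: a script from a.example calls the constructor
// after its window has been navigated to a document from b.example.
function scenario(bind) {
  const win = new ToyWindow(new ToyDocument("https://a.example"));
  const script = new ToyScript(win);
  win.navigate(new ToyDocument("https://b.example"));
  const pointer = bind(script); // constructor call happens here
  return {
    pointerOrigin: pointer.origin,
    otherOriginAllowed: sameOriginAllowed(pointer, "https://b.example/private"),
    ownOriginAllowed: sameOriginAllowed(pointer, "https://a.example/data"),
  };
}

const ruleA = scenario(bindToWindowDocument);
const ruleB = scenario(bindToScriptDocument);
console.log("window document at construction:", ruleA);
console.log("script's own document:", ruleB);
```

Under rule A both checks come out inverted relative to the script's real origin, which is the "pass when they should fail and vice versa" outcome described in the quoted text.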