- From: timeless <timeless@gmail.com>
- Date: Tue, 18 Aug 2009 13:22:49 +0300
- To: "Michael A. Puls II" <shadow2531@gmail.com>
- Cc: Anne van Kesteren <annevk@opera.com>, public-webapps@w3.org
I'd rather we formally indicate that using file urls in XMLHttpRequests is not expected to work with an explanation that there are security concerns which prevent XMLHttpRequest safely exposing arbitrary file urls. People who need access to local files should use a locally bound web server or if the content is something they control, JSON or an iframe. something like: In order for implementations to protect their users, XMLHttpRequest implementations MAY choose not to support file urls or MAY choose whatever error values they like.
Received on Tuesday, 18 August 2009 10:23:30 UTC