- From: Nikunj R. Mehta <nikunj.mehta@oracle.com>
- Date: Tue, 18 Aug 2009 14:55:56 -0700
- To: "Michael A. Puls II" <shadow2531@gmail.com>
- Cc: public-webapps@w3.org
On Aug 18, 2009, at 2:51 PM, Michael A. Puls II wrote: > On Tue, 18 Aug 2009 17:33:24 -0400, Nikunj R. Mehta <nikunj.mehta@oracle.com > > wrote: > >> >> On Aug 18, 2009, at 12:19 AM, Michael A. Puls II wrote: >> >>> 4. If file:// access isn't implemented (like in IE), don't have >>> open() throw. Instead, make this.status be 501. >> >> This is a breaking change to the XHR spec which asks to throw an >> error. Have you considered the effect of making the proposed change? > > Yes. Then perhaps this proposal is moot. Who would really care to change their XHR code to deal with a change that gives them no benefit? This is assuming that those who have written http:// code are not currently using file: - which practically is the audience you have today. Nikunj http://o-micron.blogspot.com > > "8. Don't have open() throw for cross-domain security restriction. > Instead, > use status code 403." > > does the same. > > I could live without those changes as long as there was information > for the security_err exception so that you could tell the difference > between the 2. > > Of course, the "Easier Alternative:" I mentioned in <http://lists.w3.org/Archives/Public/public-webapps/2009JulSep/0686.html > > might be a better way to do things. > > -- > Michael >
Received on Tuesday, 18 August 2009 21:58:28 UTC