- From: Jonas Sicking <jonas@sicking.cc>
- Date: Tue, 15 Nov 2011 13:30:39 -0800
- To: olli@pettay.fi
- Cc: Anne van Kesteren <annevk@opera.com>, Webapps WG <public-webapps@w3.org>
On Tue, Nov 15, 2011 at 11:41 AM, Olli Pettay <Olli.Pettay@helsinki.fi> wrote: > On 11/15/2011 09:33 PM, Jonas Sicking wrote: >> >> On Tue, Nov 15, 2011 at 4:22 AM, Anne van Kesteren<annevk@opera.com> >> wrote: >>> >>> On Mon, 14 Nov 2011 17:55:25 +0100, Jonas Sicking<jonas@sicking.cc> >>> wrote: >>>> >>>> Yes, I think cross-origin should not work with sync. That is currently >>>> the >>>> only synchronous communication mechanism cross origin. Without it a UA >>>> could put up UI if it wants to explicitly allow users to control such >>>> communication. >>> >>> Eww. But you agree with my suggestion about exceptions? I can put that in >>> the specification and push to get it implemented in Opera, but it would >>> help >>> if you said you agreed with the specifics to avoid surprises down the >>> road. >> >> So if I understand the proposal correctly: >> >> After .open has been called with async=false: >> * setting .responseType to anything other than "" throws >> InvalidAccessError >> * setting .wirthCredentials to true throws InvalidAccessError >> >> Additionally, when calling .open with async=false, throw >> InvalidAccessError if .responseType is set to anything other than "" >> or .withCredentials is true. >> >> If that's the proposal, then this sounds good to me. > > > Sounds good to me to. > Also, if xhr is sync, accessing .response or responseType could throw I'm not sure that that buys us anything, and will just cause more code in implementations. / Jonas
Received on Tuesday, 15 November 2011 21:31:53 UTC