Based on my reading of DOM4, initEvent makes it possible to transform a trusted event into a non-trusted event and dispatch it. Is that intentional? It is only currently supported in Firefox and Opera. In IE, Chrome and Safari, the initEvent call is ignored in this scenario. After the initEvent call is ignored, Chrome will allow you to dispatch the event (unchanged), IE will not (per the prose currently in DOM3 Events). Note, chrome doesn't report the "isTrusted" property, so I can't tell if initEvent would have set that flag to false (hope so)!
I'm trying to rationalize the behavior between DOM3 and DOM4.
DOM3 Events was pretty clear that you can't dispatch an event that wasn't created with createEvent. Pretty simple. That's contrary to DOM4 at the moment (which allows it as long as it's been initialized); I wonder if there needs to be another check to prevent re-dispatching a trusted event?. Is there a specific reason for the current behavior?
DOM3 Events is not very clear about initEvent at the moment. Should it be allowed to convert a trusted event to a non-trusted event? Seems like trouble. Given that IE9 and Chrome/Safari don't allow it, it won't be a compatibility issue to disallow it.
Let's come to an agreement on this so that the two specs can be harmonious on this point.
-Travis