Re: ACTION-146, propose spec text for Workers

On Sat, Nov 23, 2013 at 12:02 AM, Garrett Robinson
<grobinson@mozilla.com> wrote:
> * Workers can link to resources with any mimetype. Iframes can just
> link to resources explicitly served as text/html.

<iframe> can load much more resource types. But text/html and XML MIME
types are the only ones that can also execute script.


> * Workers are always same-origin. Iframes can be any origin.
> * While workers can't directly read content from the webpage, they can
> perform XHR requests to the server, read locally stored data
> (including cookies and IDB in the future) and probably in the future
> take actions like access geolocation API using the principal of the
> opening page.

An <iframe> loaded resource can do the same, no?


-- 
http://annevankesteren.nl/

Received on Monday, 25 November 2013 11:29:56 UTC