- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Fri, 11 Jul 2014 10:27:02 +0200
- To: Mike West <mkwst@google.com>
- Cc: Jake Archibald <jaffathecake@gmail.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On Thu, Jul 10, 2014 at 2:39 PM, Mike West <mkwst@google.com> wrote: > This section notes that we'd throw exceptions synchronously when we > can determine that a request would be blocked. That is, if XHR > requests an HTTP resource on an HTTPS page, we'd fail the call to > `open()`. > > I think we'd still want to do that. Why? Throwing like that (back then for cross-origin URLs) almost prevented us introducing CORS in the way we did. MIX should be strictly a Fetch-level affair in my opinion. Let's not introduce it in several layers. -- http://annevankesteren.nl/
Received on Friday, 11 July 2014 08:27:29 UTC