- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Thu, 30 Oct 2014 14:48:05 +0100
- To: WebAppSec WG <public-webappsec@w3.org>
I'm pretty sure I raised this before. Throwing from XMLHttpRequest's open() method for something that is effectively a network error is not acceptable. This should happen asynchronously during send() as part of the integration between Fetch and Mixed Content. The same comment applies to EventSource. WebSocket is somewhat harder since it does not go through Fetch, but I think we want the same principle to apply there. -- https://annevankesteren.nl/
Received on Thursday, 30 October 2014 13:48:32 UTC