- From: Domain Admin <jonas@sicking.cc>
- Date: Thu, 28 Aug 2008 21:08:33 -0700
Why is importScripts imposing a same origin restriction? This won't increase security in any way since cross-origin scripts can always be loaded from the main thread. I think cross-site loading is fairly common exactly for the case that importScripts, which is loading libraries. Also, the spec doesn't seem clear on what to do if compiling a script fails. I think some sort of exception should be thrown, probably the same one that is thrown if eval() is given a non-compiling script. / Jonas
Received on Thursday, 28 August 2008 21:08:33 UTC