W3C home > Mailing lists > Public > whatwg@whatwg.org > July 2010

[whatwg] Canvas 2D Context Proposal: resetOriginClean

From: Tab Atkins Jr. <jackalmage@gmail.com>
Date: Thu, 29 Jul 2010 18:10:44 -0700
Message-ID: <AANLkTiknJ0DzG+5Kr5ReC-k5uNpvprGYWFiTJkqvA7JZ@mail.gmail.com>
On Thu, Jul 29, 2010 at 3:44 PM, Charles Pritchard <chuck at jumis.com> wrote:
> There are some warnings in browsers for other security items:
> ?"This HTTPS Certificate is not valid, Continue / Cancel"

That's recognized pretty universally as a horrible prompt that is
actively bad for the user.


> It does set a precedent for prompts like:
> ?"This domain kitties4life.com is trying to access an image from flickr.com,
> Continue / Cancel".

Similarly, users wouldn't have a clue what this means.


> But, as I've said, using CORS is a far better alternative;
> and using XMLHttpRequest isn't completely absurd, provided there were
> a clean route for managing the data.

Indeed.

~TJ
Received on Thursday, 29 July 2010 18:10:44 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:25 UTC