- From: Tab Atkins Jr. <jackalmage@gmail.com>
- Date: Thu, 29 Jul 2010 18:10:44 -0700
On Thu, Jul 29, 2010 at 3:44 PM, Charles Pritchard <chuck at jumis.com> wrote: > There are some warnings in browsers for other security items: > ?"This HTTPS Certificate is not valid, Continue / Cancel" That's recognized pretty universally as a horrible prompt that is actively bad for the user. > It does set a precedent for prompts like: > ?"This domain kitties4life.com is trying to access an image from flickr.com, > Continue / Cancel". Similarly, users wouldn't have a clue what this means. > But, as I've said, using CORS is a far better alternative; > and using XMLHttpRequest isn't completely absurd, provided there were > a clean route for managing the data. Indeed. ~TJ
Received on Thursday, 29 July 2010 18:10:44 UTC