- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Tue, 21 Jun 2011 10:42:32 -0400
On 6/21/11 5:21 AM, Hallvord R. M. Steen wrote: > Another issue I noticed is in the text under the heading "the > javascript: URL scheme" - specifically the last "otherwise" part of the > text. This is about trying to navigate a window from a different origin > to a javascript: URL. Don't we expect a security exception here? I don't think so, no. In particular, this check needs to happen right before running the script, which happens asynchronously, right? So at that point throwing a security exception doesn't make much sense... -Boris
Received on Tuesday, 21 June 2011 07:42:32 UTC