- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Mon, 12 Nov 2012 09:12:32 -0800
- To: Simon Pieters <simonp@opera.com>
- Cc: whatwg <whatwg@lists.whatwg.org>, Olli Pettay <opettay@mozilla.com>
On 11/12/12 5:45 AM, Simon Pieters wrote:
> I don't see any attachment. Maybe the whatwg list prunes them? Can you
> send it to www-archive?
Gah.
Here's the entire test case:
<iframe></iframe>
<script>
window.onload = function() {
window.onerror = function(msg, file, line) {
alert('Parent handler: ' + msg + " " + file + " " + line);
}
frames[0].onerror = function(msg, file, line) {
alert('Subframe handler: ' + msg + " " + file + " " + line);
}
frames[0].setTimeout(function() { throw "oops"; }, 100);
}
</script>
> Do browsers use the script's origin per spec, or do they use the
> function's global object's document's origin (for the purpose of
> tainting the arguments)?
This isn't even about origins and tainting so far; everything here is
same-origin. It's purely about which onerror gets called.
-Boris
Received on Monday, 12 November 2012 20:08:03 UTC