- From: Ian Hickson <ian@hixie.ch>
- Date: Thu, 10 Jan 2013 00:42:15 +0000 (UTC)
- To: James Graham <jgraham@opera.com>
- Cc: whatwg <whatwg@lists.whatwg.org>, Boris Zbarsky <bzbarsky@MIT.EDU>, Adam Barth <w3c@adambarth.com>
On Wed, 9 Jan 2013, James Graham wrote:
> On Wed, 9 Jan 2013, Boris Zbarsky wrote:
> > On 1/9/13 4:12 PM, Adam Barth wrote:
> > > > window.addEventListener.call(otherWindow, "click", function()
> > > > {});
> > >
> > > This example does not appear to throw an exception in Chrome. It
> > > appears to just returns undefined without doing anything (except
> > > logging a security error to the debug console).
> >
> > Hmm. I may be able to convince that turning security errors like this
> > into silent no-ops returning undefined is ok, but throwing an
> > exception seems like a much better idea to me if you're going to
> > completely not do what you were asked to do... The other option
> > introduces hard-to-debug bugs.
>
> FWIW I have run into this behaviour in WebKit in the context of using
> the platform, and I considered it very user-hostile.
Yeah, we should throw SecurityError exception in these cases IMHO.
--
Ian Hickson U+1047E )\._.,--....,'``. fL
http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,.
Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Thursday, 10 January 2013 00:42:39 UTC