On Tue, 18 Aug 2009 17:33:24 -0400, Nikunj R. Mehta
<nikunj.me...@oracle.com> wrote:
On Aug 18, 2009, at 12:19 AM, Michael A. Puls II wrote:
4. If file:// access isn't implemented (like in IE), don't have open()
throw. Instead, make this.status be 501.
This is a breaking change to the XHR spec which asks to throw an error.
Have you considered the effect of making the proposed change?
Yes.
"8. Don't have open() throw for cross-domain security restriction. Instead,
use status code 403."
does the same.
I could live without those changes as long as there was information for
the security_err exception so that you could tell the difference between
the 2.
Of course, the "Easier Alternative:" I mentioned in
<http://lists.w3.org/Archives/Public/public-webapps/2009JulSep/0686.html>
might be a better way to do things.
--
Michael
