On Monday, November 14, 2011, Anne van Kesteren <ann...@opera.com> wrote: > On Fri, 11 Nov 2011 20:03:53 +0100, Olli Pettay <olli.pet...@helsinki.fi> wrote: >> >> I think we should strongly encourage web devs to move away from >> sync XHR (in Window context, not in Workers). It is bad for UI >> responsiveness. >> >> Unfortunately sync XHR has been used quite often with the old >> text/xml types. But maybe we could disable sync XHR for the new >> types, and also make .response to throw if it is used with >> sync XHR. >> >> Comments? > > I think we could make responseType throw "InvalidAccessError" (currently response never throws, would be nice to keep that), but we just changed responseType so you can set it before invoking open(). > > We could of course do that if you set responseType during UNSENT open() will throw "InvalidAccessError" if you set async to false. > > Should we do this for any features? E.g. cross-origin requests? If you pass user/password for cross-origin requests open() is already supposed to throw. > > >> http://www.w3.org/Bugs/Public/show_bug.cgi?id=14773 >> https://bugzilla.mozilla.org/show_bug.cgi?id=701787 >> https://bugs.webkit.org/show_bug.cgi?id=72154
Yes, I think cross-origin should not work with sync. That is currently the only synchronous communication mechanism cross origin. Without it a UA could put up UI if it wants to explicitly allow users to control such communication. / Jonas