On 11/15/2011 09:33 PM, Jonas Sicking wrote:
On Tue, Nov 15, 2011 at 4:22 AM, Anne van Kesteren<ann...@opera.com> wrote:
On Mon, 14 Nov 2011 17:55:25 +0100, Jonas Sicking<jo...@sicking.cc> wrote:
Yes, I think cross-origin should not work with sync. That is currently the
only synchronous communication mechanism cross origin. Without it a UA
could put up UI if it wants to explicitly allow users to control such
communication.
Eww. But you agree with my suggestion about exceptions? I can put that in
the specification and push to get it implemented in Opera, but it would help
if you said you agreed with the specifics to avoid surprises down the road.
So if I understand the proposal correctly:
After .open has been called with async=false:
* setting .responseType to anything other than "" throws InvalidAccessError
* setting .wirthCredentials to true throws InvalidAccessError
Additionally, when calling .open with async=false, throw
InvalidAccessError if .responseType is set to anything other than ""
or .withCredentials is true.
If that's the proposal, then this sounds good to me.
Sounds good to me to.
Also, if xhr is sync, accessing .response or responseType could throw
/ Jonas
