On 2/10/11 4:36 AM, Adam Barth wrote:
Apologies for not reading the whole thread before replying, but the design Darin describes below has worked well in WebKit thus far. I'd be hesitant to make JavaScript URLs work in more contexts due to the risk of introducing security vulnerabilities into the engine.
For what it's worth, Gecko treats javascript: URLs as a general protocol, but with tracking of where the URL came from required for the script to actually execute and explicit opt-in on the caller's part required to execute outside a sandbox.
This too has worked well in terms of security, for what it's worth, while offering a lot more flexibility in terms of how and where javascript: URIs can work.
I don't think we should gate the spec here on Webkit's implementation details if we think a certain behavior is correct but hard to support in Webkit....
-Boris
