On 2/23/11 4:16 AM, Jorge wrote:
Wouldn't this :HTMLScriptElement.prototype.execute= function execute () { // ... return (1, eval)( this.innerText ); // global eval } do it ?
No. First of all, the script can be an external script, so innerText doesn't do the right thing.
(only that it should be "privileged": able to bypass the usual s.o.p. restrictions wrt .innerText...)
That's the thing. The privileged bit involves things that make it very difficult to transport exceptions across it correctly, especially if the caller of execute() is not in the same window as the script itself. At least in Gecko.
-Boris
