[whatwg] Canvas 2D Context Proposal: resetOriginClean
Tab Atkins Jr.
jackalmage at gmail.com
Thu Jul 29 18:10:44 PDT 2010
On Thu, Jul 29, 2010 at 3:44 PM, Charles Pritchard <chuck at jumis.com> wrote:
> There are some warnings in browsers for other security items:
> "This HTTPS Certificate is not valid, Continue / Cancel"
That's recognized pretty universally as a horrible prompt that is
actively bad for the user.
> It does set a precedent for prompts like:
> "This domain kitties4life.com is trying to access an image from flickr.com,
> Continue / Cancel".
Similarly, users wouldn't have a clue what this means.
> But, as I've said, using CORS is a far better alternative;
> and using XMLHttpRequest isn't completely absurd, provided there were
> a clean route for managing the data.
Indeed.
~TJ
More information about the whatwg
mailing list