[whatwg] Proposal for separating script downloads and execution
Diego Perini
diego.perini at gmail.com
Wed Feb 23 05:13:46 PST 2011
On Wed, Feb 23, 2011 at 10:16 AM, Jorge <jorge at jorgechamorro.com> wrote:
> On 23/02/2011, at 04:57, Boris Zbarsky wrote:
>> On 2/22/11 10:42 PM, Glenn Maynard wrote:
>>> Including execute() being synchronous, raising SyntaxError exceptions
>>> for parse errors, and uncaught exceptions from the script being
>>> propagated up through execute() to its caller?
>>
>> Hmm. That last one might take some work in Gecko, if it's even sanely possible, but the rest of it shouldn't be that bad.
>
> Wouldn't this :
>
> HTMLScriptElement.prototype.execute= function execute () {
> // ...
> return (1, eval)( this.innerText ); // global eval
> }
>
> do it ?
>
Yes it would !
Unfortunately that requires access to script source content which is
not available for external resources, even if same origin.
We can execute scripts but never access their sources, isn't that a
unnecessary restriction ?
--
Diego
> (only that it should be "privileged": able to bypass the usual s.o.p. restrictions wrt .innerText...)
> --
> Jorge.
More information about the whatwg
mailing list