[whatwg] comment on a part of the script execution spec, regarding not fully active documents

Boris Zbarsky bzbarsky at MIT.EDU
Tue Jun 21 07:42:32 PDT 2011

On 6/21/11 5:21 AM, Hallvord R. M. Steen wrote:
> Another issue I noticed is in the text under the heading "the
> javascript: URL scheme" - specifically the last "otherwise" part of the
> text. This is about trying to navigate a window from a different origin
> to a javascript: URL. Don't we expect a security exception here?

I don't think so, no.

In particular, this check needs to happen right before running the 
script, which happens asynchronously, right?  So at that point throwing 
a security exception doesn't make much sense...


More information about the whatwg mailing list