timeless wrote:
Ian Hickson wrote:
Mozilla shows the XML error in its error console, which seem more useful
than exposing the error to script, really. (I expect other browsers do the
same but I haven't checked as recently.)
On 6/19/08, Julian Reschke <[EMAIL PROTECTED]> wrote:
That's useful, but IMHO not nearly as useful as giving the script code the
ability to access the information. Sometimes errors happens in the absence
of the developer, and it's useful to have an easy and automatable way to get
the diagnostics.
this always scares me. i'm sure the context is "all information
available is only being provided to a trusted source", however....
generally what i've seen is that exposing some information about a
parse error to a script is a great way to enable data leaks to a
malicious application.
...
Intereresting.
Could you please provide some more information or give an example about
when this would be the case?
BR, Julian
