On Tue, Nov 15, 2011 at 4:22 AM, Anne van Kesteren <[email protected]> wrote: > On Mon, 14 Nov 2011 17:55:25 +0100, Jonas Sicking <[email protected]> wrote: >> >> Yes, I think cross-origin should not work with sync. That is currently the >> only synchronous communication mechanism cross origin. Without it a UA >> could put up UI if it wants to explicitly allow users to control such >> communication. > > Eww. But you agree with my suggestion about exceptions? I can put that in > the specification and push to get it implemented in Opera, but it would help > if you said you agreed with the specifics to avoid surprises down the road.
So if I understand the proposal correctly: After .open has been called with async=false: * setting .responseType to anything other than "" throws InvalidAccessError * setting .wirthCredentials to true throws InvalidAccessError Additionally, when calling .open with async=false, throw InvalidAccessError if .responseType is set to anything other than "" or .withCredentials is true. If that's the proposal, then this sounds good to me. / Jonas
