Why is importScripts imposing a same origin restriction? This won't increase security in any way since cross-origin scripts can always be loaded from the main thread. I think cross-site loading is fairly common exactly for the case that importScripts, which is loading libraries.
Also, the spec doesn't seem clear on what to do if compiling a script fails. I think some sort of exception should be thrown, probably the same one that is thrown if eval() is given a non-compiling script. / Jonas
