On Wed, Feb 23, 2011 at 10:16 AM, Jorge <[email protected]> wrote: > On 23/02/2011, at 04:57, Boris Zbarsky wrote: >> On 2/22/11 10:42 PM, Glenn Maynard wrote: >>> Including execute() being synchronous, raising SyntaxError exceptions >>> for parse errors, and uncaught exceptions from the script being >>> propagated up through execute() to its caller? >> >> Hmm. That last one might take some work in Gecko, if it's even sanely >> possible, but the rest of it shouldn't be that bad. > > Wouldn't this : > > HTMLScriptElement.prototype.execute= function execute () { > // ... > return (1, eval)( this.innerText ); // global eval > } > > do it ? >
Yes it would ! Unfortunately that requires access to script source content which is not available for external resources, even if same origin. We can execute scripts but never access their sources, isn't that a unnecessary restriction ? -- Diego > (only that it should be "privileged": able to bypass the usual s.o.p. > restrictions wrt .innerText...) > -- > Jorge.
