Are JavaScript implementors willing to reimplement window.status? There
are obvious security problems with drawing an author-provided string
where a certain URI is expected, but could window.defaultStatus not set
the name (_NET_WM_NAME or equivalent) of the script's window and
window.status either override window.defaultStatus temporarily, or sent
to the user, e.g. through Growl or as a Windows toast.
The window name is already accessible to scripts (by modifying the text
child of <title> through the DOM) so no new security concerns are
introduced. The Growl binding might well be better by a new function,
though.
- [whatwg] window.status and window.defaultStatus Bjartur Thorlacius
