Re: document.domain obsoleted?

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Alejandro Rivero
    #1

    Re: document.domain obsoleted?

    On 18 abr, 19:50, Thomas 'PointedEars' Lahn <PointedE...@we b.de>
    wrote:
    >
    document.domain does not apply to XHR.
    I see. I was mislead due to some hints on the contrary, as well as my
    bad memory and the fact that actually it applies someway: if I set
    document.domain to a different value that the real one, some XHR in
    firefox stop working. I guess that this could qualify for a bug but I
    do not know if I am interesting on researching further; it could also
    be that document.domain is used in a lateral way, (eg to build the
    full URL of relative paths).

    The reason is probably that the
    former implements a different (older) API than the latter. Note that
    document.domain should be read-only per W3C DOM Level 2 HTML, so we are
    violating the Spec already with allowing write access to it for accessing
    properties that are tainted by default (does anyone here even remember that
    NS4 feature?). Therefore, it would appear doubtful whether filing a bug
    against it would actually move anything or anyone, but you are welcome to try.
    what I find really bad is that then there is no way to do cross-site
    XML even in the same main domain.
    Tags: None
    • Tom Cole
      #2
      Re: document.domain obsoleted?

      Alejandro Rivero wrote:
      On 18 abr, 19:50, Thomas 'PointedEars' Lahn <PointedE...@we b.de>
      wrote:
      >

      document.domain does not apply to XHR.
      >
      I see. I was mislead due to some hints on the contrary, as well as my
      bad memory and the fact that actually it applies someway: if I set
      document.domain to a different value that the real one, some XHR in
      firefox stop working. I guess that this could qualify for a bug but I
      do not know if I am interesting on researching further; it could also
      be that document.domain is used in a lateral way, (eg to build the
      full URL of relative paths).
      >
      >
      The reason is probably that the
      former implements a different (older) API than the latter. Note
      that document.domain should be read-only per W3C DOM Level 2 HTML,
      so we are violating the Spec already with allowing write access to
      it for accessing properties that are tainted by default (does
      anyone here even remember that NS4 feature?). Therefore, it would
      appear doubtful whether filing a bug against it would actually move
      anything or anyone, but you are welcome to try.
      >
      what I find really bad is that then there is no way to do cross-site
      XML even in the same main domain.
      Why not create a single server side resource that does not have these
      limitations to fetch all this stuff for you and return it?

      You know, something where you could pass the url of the desired
      resource, it would open that resource and pass you back the contents.

      --

        Comment

        • Alejandro Rivero
          #3
          Re: document.domain obsoleted?

          On 18 abr, 23:23, "Tom Cole" <tco...@gmail.c omwrote:
          Alejandro Rivero wrote:
          On 18 abr, 19:50, Thomas 'PointedEars' Lahn <PointedE...@we b.de>
          wrote:
          >
          document.domain does not apply to XHR.
          >
          I see. I was mislead due to some hints on the contrary, as well as my
          bad memory and the fact that actually it applies someway: if I set
          document.domain to a different value that the real one, some XHR in
          firefox stop working. I guess that this could qualify for a bug but I
          do not know if I am interesting on researching further; it could also
          be that document.domain is used in a lateral way, (eg to build the
          full URL of relative paths).
          >
          The reason is probably that the
          former implements a different (older) API than the latter. Note
          that document.domain should be read-only per W3C DOM Level 2 HTML,
          so we are violating the Spec already with allowing write access to
          it for accessing properties that are tainted by default (does
          anyone here even remember that NS4 feature?). Therefore, it would
          appear doubtful whether filing a bug against it would actually move
          anything or anyone, but you are welcome to try.
          >
          what I find really bad is that then there is no way to do cross-site
          XML even in the same main domain.
          >
          Why not create a single server side resource that does not have these
          limitations to fetch all this stuff for you and return it?
          >
          You know, something where you could pass the url of the desired
          resource, it would open that resource and pass you back the contents.
          >
          --
          Yeah, at the end I will probably iframe a single page in the server,
          and then dojo-trick.

            Comment

            • Bart Van der Donck
              #4
              Re: document.domain obsoleted?

              Alejandro Rivero wrote:

              ....
              Yeah, at the end I will probably iframe a single page in the server,
              and then dojo-trick.
              I think using an (invisible) iframe is still a very good alternative;
              although XMLHttpRequest is more fashionable nowadays. Iframes require
              less code and allow cross-domain resources to be loaded (not
              scripted); while XMLHttpRequest knows statuses, access to page
              headers, multi-threading etc. In think both are possible in your case.

              --
              Bart

                Comment

                Previous template Next
                Working...