On Thu, Aug 26, 2010 at 7:20 AM, Geoffrey Garen <ggaren@apple.com> wrote:
Isn't empty string sufficient to indicate lack of access? What unique information does an exception provide?

Sorry for the delay in my response. Had a big couple weeks there.

So initially, I was testing for empty string but in all instances of iOS and Android I would get the empty string back. This is correct behavior since I was trying to read a different-origin parent's URL, which shouldn't be allowed. But that didn't give me enough information.

The problem in our scenario is that even though I cannot read top.location.href in all versions of iOS and Android, all of those environments will allow me to write top.location.href and send the user away...except for Android 2.2. So I suppose my hope was that an exception while attempting to write would let me know that the write was going to fail, and I should do window.open(url) instead.

It's not a huge problem and it seems technically we should just by defaulting to window.open(url) even though most mobile environments allow writing to top.location.href even if the top window is different-origin. 

>> and even if we could read the href the big problem at least in Android 2.2 is that (2) the browser refreshes the page when the unsafe JS access happens so the user is already being navigated away in essence.
> Can you provide more information about this?
> Is this intentional behavior, or just a bug in Android?

So after thinking about it more, my problem is that Android 2.2 is dealing with the write in a weird way versus previous Android versions and iOS.
 
Does the browser refresh upon reads and writes of location.href, or only writes?

Only writes, when I wrote "access" in the last email I meant "write". 

Best,

--
Rob Barreca
Director of Development
Sprout, Inc.
Mobile: 808.224.1905

Confidential and Proprietary Property of Sprout; Do not distribute.  The information contained in this email is confidential.  This information is intended for use only by the individual to whom it is addressed. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution or copying of this communication and its contents is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email and attachments, and destroy all copies.