[Webkit-unassigned] [Bug 32115] document.cookie accessors should raise INVALID_STATE_ERR if there is no browsing context

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Dec 28 01:34:54 PST 2009 

https://bugs.webkit.org/show_bug.cgi?id=32115


Maciej Stachowiak <mjs at apple.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mjs at apple.com




--- Comment #15 from Maciej Stachowiak <mjs at apple.com>  2009-12-28 01:34:53 PST ---
(In reply to comment #12)
> (In reply to comment #9)
> > So the change is going from behavior that matches Firefox 3.5 to behavior that
> > matches IE 8 and the HTML5 specification?
> 
> Almost.  Based on the hints provided earlier in this thread, I have
> tested three types of documents: documents created using
> createDocument(), documents from deleted iframes, and documents from
> XMLHttpRequest.  Here's a summary of the behavior.  (I also extended
> the test case to include all three cases.)
> 
> 
> IE8:
> 
>   * deleted iframe: exception on _any_ access ("permission denied")
>   * createDocument: not supported in IE8 (no createDocument method)
>   * XMLHttpRequest: exception on setting, getting returns undefined
> 
>   (The XMLHttpRequest document in IE8 does not seem to support a
>   cookie attribute at all.  The responseXML object supports a
>   getElementsByTagName() method, so it seems to really be a document,
>   and not the dummy object IE8 returns upon parsing errors.)
> 
> 
> FF3.5:
> 
>   * deleted iframe: no exception, setting and getting allowed
>   * createDocument: no exception, setting and getting allowed
>   * XMLHttpRequest: no exception, setting and getting allowed
> 
> 
> Safari 4.04/WebKit r51759:
> 
>   * deleted iframe: no exception, setting and getting allowed
>   * createDocument: no exception, setting silently ignored, getting
>                     returns empty string
>   * XMLHttpRequest: no exception, setting silently ignored, getting
>                     returns empty string
> 
> 
> Patch:
> 
>   * createDocument: exception
>   * XMLHttpRequest: exception
>   * deleted iframe: exception
> 
> 
> My interpretation of HTML5 is that an exception should be raised in
> all these three cases.  Am I reading the spec right?  Is this is how
> WebKit should behave?

Given the test results, I think the HTML5 spec is in error and should be
changed. The Firefox behavior seems best - throwing more exceptions is a Web
compatibility risk. And since many sites have dual code paths, being like IE is
not as good as being like Firefox for practical Web compatibility. If we change
this, it should be to better match Firefox, and we should file a bug against
the HTML5 spec.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list