Anne van Kesteren wrote:
Jonas already mentioned it in another e-mail and this feature was indeed
planned (by me 8-)) for XMLHttpRequest level 2. responseText already
follows text/html rules for encoding detection etc. but for parsing we
probably need to state that it needs to run with support for scripting
disabled which affects how <noscript> is parsed etc. I'm wondering if we
should do it like that or have scripts not run and parse <noscript> as
if scripting was enabled. (I'm not sure whether HTML 5 has an option for
the latter, but that's for instance how html5lib currently works.)
Any opinions on this? Anything else I should pay attention too when
adding this feature?
I can't say I feel very strongly about it. But it seems more logical to
me to parse the contents of <noscript> as if scripts were disabled.
Other things that should be disabled is loading stylesheets (which can
affect .getComputerStyle and XBL bindings), onclick-like attributes and
loading of plugins.
This is in reality an issue even in XHR 1 due to XHTML.
/ Jonas
