Currently, we raise our own exception; the draft now specifies that SECURITY_ERR should be raised.
http://www.w3.org/TR/XMLHttpRequest/#security-err
Created attachment 19484 [details] First version
Comment on attachment 19484 [details] First version r=me
Committed revision 30932.