awesome work! On Thu, Jul 16, 2009 at 1:05 PM, Adam Barth <aba...@chromium.org> wrote:
> > Today I landed a patch that enables a security feature for extensions. > Now when an extension runs a content script, that script runs in a > "parallel universe" with the page. In its isolated world, the content > script can see the page's DOM, but it can't see any of the page's > JavaScript objects. This helps protect the extension from getting > hacked by the page's JavaScript. If you're interested in how a page > can hack a non-isolated content script, you might enjoy reading > http://www.adambarth.com/papers/2009/adida-barth-jackson.pdf > > This is a "breaking change" in the sense that it changes the content > script's API (by hiding the page's JavaScript). If you notice your > favorite user script acting up after this change, please let me know > and we'll try to get to the bottom of the issue. > > Adam > > > > --~--~---------~--~----~------------~-------~--~----~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~----------~----~----~----~------~----~------~--~---
