Boris Zbarsky wrote:
>
> Right. You can't link to chrome:// in general. This was always the
> case. There were some cases where chrome:// resources could be used in
> and the like; the change here was to only allow this if
> contentaccessible=yes.
>
> It sounds like you're using <iframe src="chrome://bar.xul"> or some
> such? That wasn't allowed in Gecko 1.7, as I recall...
>
I have just checked more thoroughly... as a matter of fact, it seems that
the xxx protocol, when processing a response from the remote server, is
indeed generating an HTML page which includes, among other things, the
following entry:
<iframe id="xxxlist" src="chrome://whatever.xul" viewId="1234134"
variable="myvar" ...></iframe>
I don't yet know why it works in the previous version of Gecko (1.7), but it
does. There was no SecurityManager in Gecko 1.7 wasn't it?..
What could I do in Gecko 1.9, then?..
--
View this message in context:
http://www.nabble.com/nsScriptSecurityManager-and-a-custom-protocol-tp22227469p22245951.html
Sent from the Mozilla - Embedding mailing list archive at Nabble.com.
_______________________________________________
dev-embedding mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-embedding
