Hello, I have to use JavaScripts that require special privileges from Firefox. So I need to sign theses scripts in JAR files, with NSS tool. But I have a problem as these scripts are then used from JSP pages.
It is written here (http://www.mozilla.org/projects/security/components/signed-scripts.html#signing), the following : "The major difference in signing scripts between 4.x and Mozilla is that in Mozilla, the entire page must be signed, as opposed to only the script running on the page. For any script to be granted expanded privileges, all scripts on or included by an HTML page must be signed." If I understand this correctly, I have to include HTML pages that call Javascript functions into the signed JAR. But as I don't use HTML, but JSP pages, how can I proceed ? Thanks for any help. PS : Today, when calling a JavaScript function located in a jar, from a JSP, I have the following error : Erreur : [Exception... "'Permission refusée d'obtenir la propriété UnnamedClass.classes' when calling method: [nsIDOMEventListener::handleEvent]" nsresult: "0x8057001e (NS_ERROR_XPC_JS_THREW_STRING)" location: "<unknown>" data: no] PS2 : Or maybe is there another way to do what I have to... - From one Firefox tab, I have to be able to get an instance of another firefox tab containing a window with a given name (name given by the "target" property of the link that opened it). - Then I have to call javascript functions contained in this tab. - I have to be able to give focus to this tab => In firefox 2.0.0.8, function "focus()" can give focus to a another window, but not to another tab. - I have to be able to close a window that wasn't opened with the window.open() function => Not allowed with default rights. I saw that we may define policies, but examples show how to reduce rights. Is it possible also to give more rights, such as those that are granted with "netscape.security.PrivilegeManager.enablePrivilege" function ? Thanks in advance. -- View this message in context: http://www.nabble.com/Use-signed-scripts-in-JSP-pages-tf4728173.html#a13519430 Sent from the Mozilla - Security mailing list archive at Nabble.com. _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
