stho...@gmail.com wrote:
I'm running into a cross domain issue within an iframe.
In which Gecko version?
user_pref("capability.policy.CrossDomainToLocal.Window", "allAccess");
user_pref("capability.policy.CrossDomainToLocal.Window.XXX",
"allAccess");
These are the only Window things in your file. So any other property of
Window will throw, no?
> I'm assuming that when trying to get a variable from window.top.XXX
> and getting undefined is related to the above error.
No, that's more likely related to the fact that the safe object wrapper.
Note also that for any quickstubbed property capability.policy will be
ignored in Gecko 1.9.1 and later. In Gecko 1.9.2 we expect
capability.policy on a per-property basis to disappear altogether.
So you might want a different solution to whatever problem you're
solving (e.g. document.domain, postMessage, etc, etc).
-Boris
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security
