Tavin wrote:
i cannot call getSubjectPrincipal() on the scriptsecuritymanager from javascript (why not?).
Because nsIPrincipal wasn't even scriptable until recently. And in any case, calling getSubjectPrincipal() from inside JS will just tell you the principal of your own JS...
how can i determine the URL of the javascript code that is calling my component?
Not really....
is there anyway to use SameOrigin security and somehow define the component's origin to be the same as my web site?
Not right now. There's some relevant discussion in bug 349807. -Boris _______________________________________________ dev-tech-xpcom mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-xpcom
