Oh the version I attached does not have the last mod in cvs - "Removed
namespace URI"
I believe this was done in support of SP2 as well..
Monty
----- Original Message -----
From: "Monty Scroggins" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, September 08, 2004 10:23 PM
Subject: Re: [DQSD-Devel] convertStylesToInline - SP2-hostile
The comx.xml file can be modified to not call the convertstylestoinline().
Practically none of the styles the windows inherit affect the popups
anyway..
<style>body {background:#fcfcfc;border:0px;margin:0px;padding:0px;}
img{vertical-align:top;text-align:left;}</style>
is all the styles needed for the comx popups.
I dont have sp2 installed... I attached a modified comx.xml... can someone
with sp2 give it a go please?
thx
Monty
----- Original Message -----
From: "Kim Gr�sman" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, September 08, 2004 2:38 PM
Subject: [DQSD-Devel] convertStylesToInline - SP2-hostile
> Hi devs and friends,
>
> I've spent a fair couple of evenings going through the various XP SP2
> problems in DQSD.
>
> While I think I've found enough registry settings to tweak to silence IE,
> I'm not entirely comfortable disabling browser security entirely to make
> DQSD run.
>
> So, I took a step back and started investigating the "mark of the web" [1]
> again. It appears that adding one of those comments to search.htm makes it
> render properly in the task bar. Great.
>
> Now there's the dynamically generated pages:
>
> - help window
> - help popup from qsfind
> - comx popup
> - calendar
>
> The help window was fixable, by adding a mark of the web to the
dynamically
> gen:ed HTML stream, just before the body - seems to be working OK (there
are
> some minor issues, but it renders nicely).
>
> The popups, however, are harder. They all throw an Access Denied box, and
it
> appears to be because of convertStylesToInline. It runs through all
> stylesheet rules on the main document, and builds an inline style decl
from
> them. Great idea - unfortunately, it was deemed a security risk [2], and
MS
> decided to prohibit it. So, long story short - does anyone have an
> alternative implementation, that may be run from a locked-down
environment?
>
> Cheers,
> Kim
>
> [1]
>
http://msdn.microsoft.com/security/productinfo/XPSP2/securebrowsing/lockdown
> _devimp.aspx
> [2] http://www.security.nnov.ru/search/document.asp?docid=2711
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by BEA Weblogic Workshop
> FREE Java Enterprise J2EE developer tools!
> Get your free copy of BEA WebLogic Workshop 8.1 today.
> http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click
> _______________________________________________
> DQSD-Devel mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/dqsd-devel
>
>
-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_idP47&alloc_id�808&op=click
_______________________________________________
DQSD-Devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/dqsd-devel
