Stuart Ballard wrote: >Seems like the only solutions to this one are either: > >1) Forbid use of the CSSOM on stylesheets more privileged than you are. > Does this not currently apply? Or can a remote web page manipulate html.css? Not that it should need to, because it can supply more specific (although less privileged) stylesheets.
- Re: Is the security model XBL uses wrong? Neil
- Re: Is the security model XBL uses wrong? Alex Fritze
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? David Hyatt
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? David Hyatt
- Re: Is the security model XBL uses wrong? Neil
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? David Hyatt
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? Ian Hickson
- Re: Is the security model XBL uses wrong? Ian Hickson
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? Ian Hickson
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? Mitchell Stoltz
