Hi All, Perhaps this has been asked and answered - if so, a link would be appreciated.
I have an JS application that reads a array of pointers to select boxes. Finding a victim, the app executes .focus() which requires elevated privilege. I've been using the codebase.principal hack, but now it's time to move to production. If possible, I'd like to eliminate elevated privs so I don't have to distribute a certificate. The app /should/ be passing the same-site security check: same domain, same port, same protocol. Some select lists are sent to the client, others are generated on the client via DOM calls. Is there a debug flag I can use to see why Mozilla requires the UBR privilge. Thanks for the insight, jec _______________________________________________ Mozilla-security mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-security
