"pete collins" <[EMAIL PROTECTED]> schrieb ...
> I think what you want to do is an XP isntall. XPInstall is for
> installing your plugins, components, packages, skins etc onto the client
> machine. No signed scripts needed.
I know how to use XPInstall to deploy components. That's
not the problem.
What I mean is: I have the three files
nsIHello.xpt
nsHello.js
nsHello.html
in the components folder. Then I open the _local_ file
nsHello.html. This file contains a JavaScript block with
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
The privilege is granted. After that I can create an instance
of the Hello component and so on.
The second scenario looks like:
I have the two files
nsIHello.xpt
nsHello.js
in the components folder. Then I open the _remote_ file
(i.e. using the HTTP protocol instead of file: protocol now),
let's say http://cycosys.com/tt/xpcom/nsHello.html , and
I get an uncaught excpetion because the privilege is not
granted.
This is exactly the way the security manager worked in Netscape
4 - you can grant rights as long as you open a local file.
I assume that one has to grant rights only when the underlying
XPCOM component is implemented in JavaScript. Is this right?
I doubt that anybody will use scriptable plug-ins if you have
to sign every single JavaScript/HTML page that is calling a plug-in
method via XPConnect. In the real world most HTML pages will
be remote.
Regards, Tobias Trelle
--
CyCo Systems GmbH & Co. KG >>> http://www.cycosys.com/
