Hi, Since it is possible to use JavaScript in portlets, the scripts of various portlets on one portal page can interfere with each other. The accidental clash of equal method or variable identifier is prevented by using namespaces for each declaration. What about malicious JavaScript code contained in a portlet. This portlet, for example, can retrieve information from other portlets or capture keystrokes and send it to another server.
Is it possible to prevent malicious portlets that use JavaScript from accessing other portlets on the same page? Of course I could turn of JavaScript in the browser but does the portlet container or other portal applications provide any solutions to this security issue? Regards, Kevin
