Boris Zbarsky a écrit :
Marine wrote:
However, I don't see how to put all the code in a signed jar, as JSP
will generate HTML code dynamically for each client request.
Is it possible to dynamically generate the signed jar? Or move the
logic from server to client?
Boris Zbarsky wrote:
> Alex Yip wrote:
>> Thanks Boris, is the CAPS system being removed?
>
> Not completely, but if DOM is switched off xpconnect, it will no longer
> be making CAPS calls (which will be a big performance benefit).
>
>> If so, is there a replacement for it?
>
> Not really, as f
Marine wrote:
> However, I don't see how to put all the code in a signed jar, as JSP
> will generate HTML code dynamically for each client request.
Is it possible to dynamically generate the signed jar? Or move the
logic from server to client?
I don't claim this is easy to do, basically. The
Thanks a lot for your reply, Boris !
However, I don't see how to put all the code in a signed jar, as JSP
will generate HTML code dynamically for each client request.
Maybe someone know if this is possible, and how ?
Otherwise, I will have to write an extension, as you suggested, but I
would
Alex Yip wrote:
> Thanks Boris, is the CAPS system being removed?
Not completely, but if DOM is switched off xpconnect, it will no longer
be making CAPS calls (which will be a big performance benefit).
> If so, is there a replacement for it?
Not really, as far as I know.
-Boris
___
> I should note that this is likely to stop working soon (e.g. Firefox
> 3.1), and may already be partially not working with the current XOW
> work. The latter is what you might be seeing.
Thanks Boris, is the CAPS system being removed? If so, is there a
replacement for it?
Thanks, Alex
__
Alex Yip wrote:
> Hi, I have a question about Mozilla's CAPS system. I am trying to
> disable DOM's Window.postMessage method in Firefox 3, so I added this
> line to user.js:
>
> user_pref("capability.policy.default.Window.postMessage.get",
> "noAccess");
I should note that this is likely to sto
Marine wrote:
>
> width="0px" height="0px" name="jsUtilsAvecPrivileges">
>
...
> I wonder if this could be due to vulnerability correction in Firefox
> 2.0.0.15 : http://www.mozilla.org/security/announce/2008/mfsa2008-23.html
Yes. What you were doing before was exploitable.
> ==> But now, h
Hi, I have a question about Mozilla's CAPS system. I am trying to
disable DOM's Window.postMessage method in Firefox 3, so I added this
line to user.js:
user_pref("capability.policy.default.Window.postMessage.get",
"noAccess");
And got the following behavior:
I have two windows, A and B from di
Hi,
A few months ago, I posted this message :
http://groups.google.com/group/mozilla.dev.security/browse_thread/thread/d95d4d9d82959739/da0875e5639698c2?lnk=gst&q=signed+jar#da0875e5639698c2
I wanted to call JavaScript methods that require special Firefox
privileges from a JSP page
I finally su
10 matches
Mail list logo
