for me in Safari 3.2.1 with jQuery 1.3.1 (did
not test 1.3.0) in my project, but other stuff which worked in 1.2.6
simply selects the wrong elements
$(#id).find(.class) fails
$(.class, DOMElement) fails
The exact same code works in Firefox, though.
--
Markus Peter - w...@spin.de - http://www.spin
not always patch it
myself, unfortunately it has been ignored so far.
--
Markus Peter - w...@spin.de - http://www.spin-ag.de/ - http://www.spin.de/
SPiN AG, Bischof-von-Henle-Str. 2b, 93051 Regensburg, HRB 6295
Regensburg
Aufsichtsratsvors.: Dr. Christian Kirnberger, Vorstände: F. Rott, P
such a
hack.
--
Markus Peter - [EMAIL PROTECTED] http://www.spin-ag.de/
SPiN AG, Bischof-von-Henle-Str. 2b, 93051 Regensburg, HRB 6295
Regensburg
Aufsichtsratsvors.: Dr. Christian Kirnberger
Vorstände: Fabian Rott, Paul Schmid
other sites, if users stay in
a cookie-based session while surfing on other pages.
There was at least one Gmail contact list exploit working similarly
in the wild already.
Don't deliver private data as JavaScript/JSON unless it's secured
with secrets in the URL.
--
Markus Peter - [EMAIL
://en.wikipedia.org/wiki/E4X). It
might well be possible, that E4X-capable browsers have the same
problem with XML, depending on whether JavaScript constructors are
called for E4X or not.
--
Markus Peter - [EMAIL PROTECTED] http://www.spin-ag.de/
SPiN AG, Bischof-von-Henle-Str. 2b
5 matches
Mail list logo