NB should read ...
I want to allow users to install safe zipped files
rvj [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
After all these years I'm still uneasy about Mozilla security so can
anyone
clarify ??
I want to allow users to install to safe zipped files
My basic
After all these years I'm still uneasy about Mozilla security so can anyone
clarify ??
I want to allow users to install to safe zipped files
My basic understanding is that all chrome references implicitly support
privileged operations
Therefore I want to allow the installation of chrome-like
Im not sure if this is the right newsgroup but can anyone clarify if there
is to
system level data in the BIOS etc ?
In particular I want to ensure compatibility ideally by make and model and
possible makers
serial number which I believe normally is in BIOS (if provided)
The most basic check I
OK dumb question but is it potentially possible to have signed chrome which
could be authenticated when Mozilla starts up?
I know that signing is primary used for file transfer verfication but I am
more interested in preventing tampering at the
local workstation (i.e. tampering/ replacement of
s:[EMAIL PROTECTED]...
openDialog allows a nasty exploit, which is why it can't be called from
content. You should be able to do whatever you need to do using open()
instead.
-Mitch
rvj wrote:
It seems that openDialog in a remote xul file is thrown out by the xul
parser
Howev
PPS
Im also a little unclear as to what is meant by 'calling from content' in
this context
I understood that the purpose the 'chrome' flag was to open the window as a
chrome file rather than content.
PPS
Assuming a remote xul is opened using something like http://host/remote.xul
why is this
PS
I notice that it does not ask me for privs rather than inform me of what I
have (I assume that is just a scripting option)
rvj [EMAIL PROTECTED] wrote in message
a9hjiu$[EMAIL PROTECTED]">news:a9hjiu$[EMAIL PROTECTED]...
Thanks - the online Mozcalc example is the first remote xul
PATH
Given that relative installed chrome directory references are supported such
as
content, install, path, /main/calculator
I assume that absolute http address path can be specified
content, install, path, http://host/main/calculator
Is this true?
rvj [EMAIL PROTECTED] wrote
It seems that openDialog in a remote xul file is thrown out by the xul
parser
However if I just use window.open, the new window is created
I noticed this when using the reload button on the remote xul. It generates
XML Parsing Error: unclosed token
Location: http://host/remote.xul
Line Number
OK as requested - provide a valid xul file url for another.xul and try with
window.open and window.openDialog
PS I notice that I seems necessary to flush cache between tests
Axel Hecht [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Could you put up a testcase?
If a xul fiile is open via the file protocol should it be able to create
windows using window.openDialog ?
If this is a security precaution then what is it supposed to be protecting?
function opendialog()
{
var x= window.openDialog( clone.xul, name,chrome );
}
simple test case
begin 666 titlebar.xul
M/#]X;6P@=F5RVEO;CTB,2XP(C\^(#PA+2T@+2HM($UO94Z($A434P@+2HM
M(TM/@T*#0H\=VEN9]W(ED/2)T:71L96)AB(@UL;G,Z:'1M;#TB:'1T
M#HO+W=W=RYW,RYOFO5%(O4D5#+6AT;6PT,(-B @UL;G,ZF1F/2)H
M='1P.B\O=W=W+GS+F]R9R\Q.3DY+S R+S(R+7)D9BUS6YT87@M;G,C(@T*
Thanks but what about chrome and XUL scripts ?
Surely chrome and XUL scripts count as being a local script?
Im using XUL + chrome script so I had expected
netscape.security.PrivilegeManager.enablePrivilege(UniversalBrowserWrite)
to work in the same way as
Belated - many thanks for reply
I had been thinking along the lines of a totally chrome driven application
shell.
I had assumed access to DLLs within JARS possible, but impractical for
preformance reasons.
i.e. a single external DLL which redirects access to the appropriate DLL
within one or
PS .. a new JARS directory structure just for read only stuff ??
a) components
b) utilities
c) skins
d) locales
e) packages
f) plugins
15 matches
Mail list logo