Quick functionality check: does this restore window.opener to it's original value after working it's evil magic?
On Thu, Jul 24, 2008 at 4:44 PM, John Hjelmstad <[EMAIL PROTECTED]> wrote: > All, > > As commented in http://issues.apache.org/jira/browse/SHINDIG-416, to the > best of my knowledge all security concerns with the IE window.opener-based > technique have been resolved. The patch works and is very fast, significant > benefits atop which we can build lots of cool functionality IMHO. As such, > I'm inclined to commit this patch. > > But I want to tread very cautiously, so I'm putting out a call for dissent. > Does anyone object to committing this? Are there any specific security > concerns or unaccounted-for attack vectors? > > Thanks, > John >
