On 10/10/13 12:43 PM, Matthew Gertner wrote:
This page loads script both from the local disk (using the same protocol handler) and remote script loaded via HTTPS. When I try to access properties on objects instantiated in the remote script from my local script, I get "permission denied" errors.
That's ... quite odd. Scripts loaded via a <script> tag get the principal of the page that loaded them. Is this how you're loading your scripts?
1) Is the CSP what determines whether a script can access properties in another script from a different origin?
Generally, no. It's typically the same-origin policy. But everything in your case should be the same origin...
-Boris _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform