Hi, A few months ago, I posted this message : http://groups.google.com/group/mozilla.dev.security/browse_thread/thread/d95d4d9d82959739/da0875e5639698c2?lnk=gst&q=signed+jar#da0875e5639698c2
I wanted to call JavaScript methods that require special Firefox privileges from a JSP page I finally succeeded using this method : - I created a simple HTML file - I wrote my JS functions in this HTML file. For example : "function verifExistenceFenetre(nomFenetre) { ... }" - I included this HTML file in a signed jar - In my JSP page that have to call these functions, I wrote : <object type="text/html" data="jar:<%= request.getContextPath()%>/js/jsAvecPrivileges.jar!/jsUtilsAvecPrivileges.html" width="0px" height="0px" name="jsUtilsAvecPrivileges"> </object> <script type='text/javascript'> <!-- var jsPriv; function initJsPriv() { jsPriv = document.getElementsByName("jsUtilsAvecPrivileges")[0].contentDocument.defaultView; } --> </script> => Then, I can call "jsPriv.verifExistenceFenetre(nomFenetre)" from the JSP page. That worked nice on Firefox 2.0.0.14 and previews. But in 2.0.0.15 and 3.0.0.1, I get the following error : Permission refusée d'obtenir la propriété HTMLDocument.defaultView http://portable.armor-technologies.net:8080/gcm-web-patients/faces/index.jsp Line 319 : 317 function initJsPriv() { 318 319 jsPriv = document.getElementsByName("jsUtilsAvecPrivileges")[0].contentDocument.defaultView; 320 321 } I wonder if this could be due to vulnerability correction in Firefox 2.0.0.15 : http://www.mozilla.org/security/announce/2008/mfsa2008-23.html ==> But now, how can I get it work again ? Thanks for any help... The problem happens on a production webapp, and we can't upgrade Firefox until this problem is solved, which is very annoying... _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security