I'm unaware of any browser that uses IFPC. It's kept around out of general paranoia and for one particular use case: when you need the gadgets.rpc.setParentVerifiable() API, in which the receiver of a given message needs to validate the URL of the party that's sending it a message. The NIX (IE6/7) and FE (FF2) transports, in particular, utilize techniques that do not ultimately depend on the browser's same-domain policy, so parties can in theory craft messages masquerading as being sourced from an inaccurate domain.
--John On Wed, Jun 23, 2010 at 3:36 PM, Shtein, Ilya <[email protected]>wrote: > Greetings, > > > > By looking at gadgets.rpc, it seems like none of the modern browsers > uses IFPC-based remoting channel. However, it is still kept as a > fallback. If I only have to support modern browsers, e.g. IE7 / 8 /FF > 3.x / latest versions of Chrome / Safari, do I need to worry about IFPC > channel compatibility? For example, IFPC in IE will limit me to 2k, and > my data may exceed that size limit... so my question is - is it safe to > assume that I will never encounter the need to send my data through the > IFPC channel if I support IE7/8? Other browsers listed above? > > > > Thanks! > > > > _____________ > > The information contained in this message is proprietary and/or > confidential. If you are not the intended recipient, please: (i) delete the > message and all copies; (ii) do not disclose, distribute or use the message > in any manner; and (iii) notify the sender immediately. In addition, please > be aware that any message addressed to our domain is subject to archiving > and review by persons other than the intended recipient. Thank you. > _____________ >
