thanks jerome, i suspected that this could be the case...
kind regards, -logan On Wed, Nov 5, 2008 at 8:09 PM, Jerome (Guru) <[EMAIL PROTECTED]>wrote: > > Hi Logan, > > The _args() functions return an array of the iframe URL parameter. > There is no XSS issue here. Any frame can access its URL (with URL > parameters) through the Javascript location global object. All _args() > does is provide you the URL parameter in a already parsed and easy to > iterate through array. > > Jerome > > On Nov 5, 10:44 pm, "Logan Barron" <[EMAIL PROTECTED]> wrote: > > hello all, > > > > the igoogle js api provides a way to retrieve url params via '_args()'. > > > > my question is: how does this work? how do OR could they pass parameters > to > > an iframe residing on a different domain? i would like to know how they > get > > around the xss restrictions. > > > > is the source available? any ideas? > > > > thanx, > > > > -logan > > > -- Your Friend | Barron C. Logan | 678.656.5924 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "iGoogle Developer Forum" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Gadgets-API?hl=en -~----------~----~----~----~------~----~------~--~---
