Neil wrote: > > Stuart Ballard wrote: > > >javascript in bindings provided by that skin > > > You've been able to bind javascript in a skin? According to Dave Hyatt, > and I quote: > > >Script is not allowed from "skin" XBL. Oh, I didn't know that. However, my proposal would make it actually possible to include script in a skin URL - it would just have restricted privileges, because a skin url would be untrusted... Stuart.
- Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? Ben Bucksch
- Re: Is the security model XBL uses wrong? David Hyatt
- Re: Is the security model XBL uses wrong? David Hyatt
- Re: Is the security model XBL uses wrong? Neil
- Re: Is the security model XBL uses wrong? Neil
- Re: Is the security model XBL uses wrong? Alex Fritze
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? David Hyatt
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? David Hyatt
- Re: Is the security model XBL uses wrong? Neil
- Re: Is the security model XBL uses wrong? Stuart Ballard
- Re: Is the security model XBL uses wrong? Stuart Ballard
