Steven, The signing procedure is different in Mozilla/NS6 than it was in NS4. Get rid of the ARCHIVE= and ID= attributes; they're not needed anymore. Put your HTML file and your priv.js file in a directory and sign that directory using signtool -Z. Then access the page using this format: jar:http://www.yourserver.com/path/name-of-the-jar-file.jar!/name-of-the-html-file.html
Signed scripts only work if you load them using the jar: protocol, and only if both the HTML page and the js file are in the jar. I'm eventually going to reimplement the old syntax, using ARCHIVE= to link the HTML with the script, but for now you have to use jar:. The details are at http://www.mozilla.org/projects/security/components/signed-scripts.html good luck, Mitch Steven Morrissey wrote: > Hello, > > I'm so very close... Please help... > > I have a signed javascript which attempts to instantiate an XPCOM plugin and > access some properties and call some methods. I signed the script with > signtool (and verified the sig) and I put the script and the jar on the same > server in the same directory. Here is the relevant HTML: > > <SCRIPT ARCHIVE="priv.jar" ID=1 src="priv.js"></script> > > here is the javascript in priv.js: > > function SetPriv() > { > > netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect"); > var sample = Components.classes["@mozilla.org/XPWAS;1"].createInstance(); > sample = sample.QueryInterface(Components.interfaces.nsIXPWAS); > sample.Realm = "Web Auth" > alert(sample.Realm); > } > > When I call SetPriv(), I get an error "Error: uncaught exception: > enablePrivilege not granted"... > > If I take out the call to enable the privilege, I can't access the > property... This runs fine when everything is on my local machine. What do I > need to do to get this to work from the server? > > TIA, > Steven > > > > > >
