hocus, I think such measures are an extremely bad idea. On the internet,
you cannot trust that
* a certain host is the one you think it is (esp. so with HTTP and
in some cases even with HTTPS)
* that the data you receive is unaltered (with HTTP)
Giving any http host on the Internet UniversalBrowserWrite (no matter
what purpose) is IMO grossly careless, risking your customers' computers
and (if that didn't scare you yet) you make yourself a potential subject
to a lawsuit from your threatened customers.
Ben
Mitchell Stoltz wrote:
> pref("signed.applets.codebase_principal_support", true);
> pref("capability.principal.codebase.foo.id", "http://foo.com
> http://bar.com";);
> pref("capability.principal.codebase.foo.granted",
> "UniversalBrowserRead UniversalBrowserWrite");
> hocus wrote:
>
>> make possible using javascript on documents loaded into frames/iframes,
>> originating from different domain than the base page.
>
