On 7/15/06, Vladimír Marek <[EMAIL PROTECTED]> wrote:
Hi Eric,
> You can use Object.toSource() to serialize the source to a string. To
> read the string back into objects, use eval(string);
That's excellent, exactly what I was looking for ! :)
Not that it matters much in the case of reading from the preferences,
but evalInSandbox is safer/better generally, because a simple eval()
executes the code with the chrome privileges, so if the attacker can
make you eval() his string, he gains full control over the system.
Nickolay
_______________________________________________
Project_owners mailing list
[email protected]
http://mozdev.org/mailman/listinfo/project_owners
