I think the question was why should Prototype be checking for the same
origin if the browser is already supposed to be doing it? Not sure if
this plugin had anything to do with it or if there was another
vulnerability - 
http://ajaxian.com/archives/introducing-a-cross-site-ajax-plugin-for-prototype

The commit message didn't mention anything specific -
http://github.com/sstephenson/prototype/commit/02cc9992e915c024650ddc77a91064f7a4252914

On Jul 4, 3:17 am, Luca Guidi <[EMAIL PROTECTED]> wrote:
> http://en.wikipedia.org/wiki/Same_origin_policyhttp://www.mozilla.org/projects/security/components/same-origin.html
>
> --
> blog:www.lucaguidi.com
> Pro-Netics:www.pro-netics.com
> Sourcesense - making sense of Open Source:www.sourcesense.com
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Prototype: Core" group.
To post to this group, send email to prototype-core@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/prototype-core?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to