Susan, Not sure you got any response on this, my 2 cents.
On 4/29/09 5:53 PM, "Susan Bramhall" <[email protected]> wrote: > 1. It feels like a bad idea to stash scripts in the web server file space to > re-vend as part of the portal (?) Re-vending in the same domain is a huge potential XSS vulnerability - you lose most/all of the browser sandboxing. Jason -- Jason Shao Director of Product Development CampusEAI Consortium 1940 East 6th Street, 11th Floor Cleveland, OH 44114 Tel: 216.589.9626x249 Fax: 216.589.9639 Your input is important to improve upon our continuous efforts to service you better. Please e-mail my manager at [email protected] with any feedback. CONFIDENTIALITY NOTICE: This e-mail together with any attachments is proprietary and confidential; intended for only the recipient(s) named above and may contain information that is privileged. You should not retain, copy or use this e-mail or any attachments for any purpose, or disclose all or any part of the contents to any person. Any views or opinions expressed in this e-mail are those of the author and do not represent those of CampusEAI Consortium or the Open Student Television Network. If you have received this e-mail in error, or are not the named recipient(s), you are hereby notified that any review, dissemination, distribution or copying of this communication is prohibited by the sender and to do so might constitute a violation of the Electronic Communications Privacy Act, 18 U.S.C. section 2510-2521. Please immediately notify the sender and delete this e-mail and any attachments from your computer. Warning: Although precautions have been taken to make sure no viruses are present in this e-mail, the companies cannot accept responsibility for any loss or damage that arise from the use of this e-mail or attachments. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/uportal-dev
