Re: [webkit-dev] domain mismatch js error

Justin Haygood Tue, 05 Jul 2005 10:05:02 -0700

If it was the other way around it would work:

http://loi.nl/start.htm accessing http://www.loi.nl

The other way around would be a security vulnerability from many hosting websites.

Let's take netfirms for instance, how would you like it if badevilco.netfirms.com modified netfirms.com? Not very safe. BUT, netfirms.com modifying badevilco.netfirms.com would actually not be so bad.

Joost de Valk wrote:

Hi all,

today i was browsing a bit and found this error on my console:

Unsafe _javascript_ attempt to access frame with URL http://loi.nl/ from frame with URL http://www.loi.nl/start.htm. Domains must match.

and maybe i'm weird, but the domains match... The subdomains don't... is that a security issue? probably is... but can we prevend this error?

Kind regards,

Joost

--

Joost de Valk

#: AlthA on #webkit @ irc.freenode.net

@: [EMAIL PROTECTED]

W: http://www.joostdevalk.nl

"The only people who find what they are looking for in life are the fault finders." - Foster's Law
_______________________________________________
webkit-dev mailing list
[email protected]
http://www.opendarwin.org/mailman/listinfo/webkit-dev
  

_______________________________________________
webkit-dev mailing list
[email protected]
http://www.opendarwin.org/mailman/listinfo/webkit-dev

Re: [webkit-dev] domain mismatch js error

Reply via email to