Oliver Bleutgen  <[EMAIL PROTECTED]> wrote:
> Although I repeat myself, implementing this proposal would give me a lot 
> of options to prevent myself from this kind of attack, completely or 
> partially.
> - In Internet Explorer I can disable javascript. (problem solved)
> - In Internet Explorer I use the zone restrictions (prevents attacks 
> from untrusted servers)
> - I can do the same in mozilla
> - additionally, in mozilla I can just disable form submitting in 
> javascript, with something like (this is surely wrong)
> user_pref("capability.policy.default.HTMLFormElement.submit", "noAccess");
> Put this your prefs.js file and you are done.
> Really, it _would_ help.

Okay, I agree that it does indeed help.

Florent Guillaume, Nuxeo (Paris, France)
+33 1 40 33 79 87  http://nuxeo.com  mailto:[EMAIL PROTECTED]

Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope )

Reply via email to