On 23 Oct 2002, Christian Stocker wrote:
> On Wed, 2002-10-23 at 20:17, Sandro Zic wrote:
> > On Wednesday 23 October 2002 19:18, Christian Stocker wrote:
> > > Just as a sidenode. The xml-files have to come from the same host as the
> > > index.html. Therefore, if index.html comes from http://example.com you
> > > can't laod the xml files from http://other.com, they even have to come
> > > from the same port.
> >
> > As far as I see, BXE does not support xinclude?
>
> Nope. But if someone is interested, I have some JS code lying around,
> which does xincludes in Mozilla 1.1 for reading. Writing to xincluded
> sources is another issue, but if need is there for that, I can try to
> implement it as well.
>
> > If it does or if you plan to
> > integrate it, will this restriction run counter multiple xinclusion of
> > distributed XML documents, located at different hosts?
>
> Nope, not possible by default
> (http://www.mozilla.org/projects/security/components/same-origin.html )
>
> But you have basically 3 possibilities to circumvent it
>
> 1. Sign your Scripts and make them trusted (see
> http://www.mozilla.org/projects/security/components/signed-scripts.html
> ).
Thanks to a hint by brian, I found this extensive documentation about
security and signing in mozilla:
http://books.mozdev.org/chapters/ch12.html#77088
The other chapters are worth reading as well, by the way :)
chregu
--
bx-editor-dev mailing list
bx-editor-dev@xxxxxxxxxxxxxxxx
http://lists.bitflux.ch/cgi-bin/listinfo/bx-editor-dev
|
