Discuss building things with or for the Mozilla Platform.
7 posts • Page 1 of 1
Hi, this probably sounds silly, but is there a pref to enable cross-site scripting, or in other words, a pref to disable cross-site security checks? IE appears to have an option like this, but it doesn't seem to work, which is no great surprise I guess. For some context, I'd like to do something like the following: have a framed page, with a control script in one frame that changes pages in the other frame depending on what URL the other frame has.
I've tried signing the script, but I can't seem to even generate a test object-signing certificate with signtool. Thanks for any help!
That's like saying "hi, is there a way to open a big security hole in my computer"
you should be able to access the frame as long as it's on the same website.
Former UMO Admin, Former MozillaZine General Mod
I am rarely on mozillaZine, so please do not send me a private message.
My Old Firefox config files
Yes, that's exactly what I'm saying, hence the "this probably sounds silly" part. Regardless, this is what I'd like to do because figuring out how to sign the script is relatively unpleasant. Anyhow, it doesn't open a big security hole to my computer per se, I just need to be careful about what I enter into other mozilla windows. And yes, I would be able to access the frame if my controlling script were on the same website. But it's not, which is the problem.
2 frames, and 1 frame opens a page in the other frame that is from another domain? Or do you need to do more than just load a page?
If you see a marquee, clap your hands!
Yep, basically. Well, all I need is for my script to be able to tell, for example, the url in the other frame. But since the other frame has a page from a different domain, mozilla won't allow access because it's a potential security hazard, so I'd like to disable the cross-site checks while I run this script, if possible.
Hmm, I looked at that page before but just assumed codebase principals would need some kind of signing still. But it turns out that's not the case, so that's just what I'm looking for. Thanks!
7 posts • Page 1 of 1
Who is online
Users browsing this forum: Google Adsense [Bot] and 1 guest