[XSL-LIST Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] data protocol: was RE: node-setting() escaped text
>data:text/html,<b>hello</b> >into netscape's location bar) why do I think this is a security problem? Hmm data:text/html,<b>hello</b><br/><p onclick="javascript:window.open('http://www.xml.com')">hello</p> anyway it's interesting that it wasn't done as an app, asynchronous pluggable protocol, if it were then one could launch mozilla from within IE by calling the protocol, on the other hand as it wasn't this opens the way up for an ie implementation. In fact it wouldn't be difficult at all, of course as ie has enough security bugs... XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|