XML.orgXML.org
FOCUS AREAS |XML-DEV |XML.org DAILY NEWSLINK |REGISTRY |RESOURCES |ABOUT
OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]
Re: [xml-dev] Re: Javascript and plugging holes

On 12/10/10 9:36 AM, Simon St.Laurent wrote:

> There are lots of security holes in JavaScript and the Web environment,
> and many of them happen to work on phones too now.

Another example:  Flash ActionScript .swf files can load XML from other 
domains if that domain hosts the appropriate policy file.  ActionScript 
also provides access to the containing document's javascript environment.

I have had occasion to use this to effect cross-domain loading of XML 
and insertion into the DOM.

Won't work on an iPhone, though.

-Bill


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 1993-2007 XML.org. This site is hosted by OASIS