[Project_owners] DOM security in Firefox 3
Ezequiel Calderara
ezechico at gmail.com
Sun Feb 24 09:06:32 PST 2008
Did u see in which line it's throwing the error?.
Is in the close(), in the write() or in the open() ?
On Sun, Feb 24, 2008 at 7:52 AM, <updatescanner at gmail.com> wrote:
> I'm having an security issue in firefox 3 when writing to iframes
> inside an XUL window.
>
> Here is a code snippet adapted from
> http://basic.mozillanews.org/mozilla_book/ch03.html
>
> <iframe id="simple-content" />
> <button label="click me" onclick="var doc =
> window.frames[0].document;doc.open( );doc.write('Come fly with me
> ...');doc.close( );"/>
>
> FF2: When I open this as a file (file:///...) or as chrome
> (chrome://...), it works as expected - the text appears in the iframe.
>
> FF3: When I open it as a file it works. When I open it as chrome, I
> get the following error:
>
> Error: uncaught exception: [Exception... "Security error" code:
> "1000" nsresult: "0x805303e8 (NS_ERROR_DOM_SECURITY_ERR)" location:
> "<unknown>"]
>
> I realise security has been upped in firefox 3, but this seems like a
> reasonable thing to want to do. Does anyone have any ideas? Is this
> expected behaviour, or should I file a bug?
>
> Thanks,
> Pete
> updatescanner.mozdev.org
> _______________________________________________
> Project_owners mailing list
> Project_owners at mozdev.org
> https://www.mozdev.org/mailman/listinfo/project_owners
>
--
______
Ezequiel.
Http://www.ironicnet.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.mozdev.org/pipermail/project_owners/attachments/20080224/66112884/attachment.html
More information about the Project_owners
mailing list