• From: Bill Lindsey <bill@b...>
• To: xml-dev@l...
• Date: Fri, 10 Dec 2010 12:33:38 -0800

On 12/10/10 9:36 AM, Simon St.Laurent wrote:

> There are lots of security holes in JavaScript and the Web environment,
> and many of them happen to work on phones too now.

Another example:  Flash ActionScript .swf files can load XML from other 
domains if that domain hosts the appropriate policy file.  ActionScript 
also provides access to the containing document's javascript environment.

I have had occasion to use this to effect cross-domain loading of XML 
and insertion into the DOM.

Won't work on an iPhone, though.

-Bill

• References:
  • Javascript and plugging holes was: Cross-domain loading of XML
    • From: Stephen Green <stephengreenubl@g...>
  • Re: Javascript and plugging holes
    • From: Henri Sivonen <hsivonen@i...>
  • Re: Re: Javascript and plugging holes
    • From: Stephen Green <stephengreenubl@g...>
  • Re: Re: Javascript and plugging holes
    • From: Stephen Green <stephengreenubl@g...>
  • RE: Re: Javascript and plugging holes
    • From: "David Lee" <dlee@c...>
  • Re: Re: Javascript and plugging holes
    • From: Stephen Green <stephengreenubl@g...>
  • Re: Re: Javascript and plugging holes
    • From: "Simon St.Laurent" <simonstl@s...>