home | O'Reilly's CD bookshelfs | FreeBSD | Linux | Cisco | Cisco Exam  


JavaScript: The Definitive Guide

Previous Appendix C
Differences between Navigator 2.0 and 3.0
Next
 

C.3 JavaScript Security

There have been several important changes to JavaScript security in Navigator 3.0. See Chapter 20, JavaScript Security for complete details.

  • The Document.domain() property allows large web sites that use multiple web servers to circumvent the restriction that scripts from one host can't read the properties of windows or documents that come from another host.

  • A new security model, based on data tainting, is experimental in Navigator 3.0. When enabled, this new model makes significant changes to the security restrictions placed on JavaScript programs. It also makes new properties and array elements of the History object available, and allows the value property of the Password object to be read.

  • The taint() and untaint() functions were added in Navigator 3.0 as part of the new data-tainting security model. The taintEnabled() method of the Navigator object was also added.


Previous Home Next
LiveConnect Book Index Image Manipulation

HTML: The Definitive Guide CGI Programming JavaScript: The Definitive Guide Programming Perl WebMaster in a Nutshell