D.6 SecurityNavigator 2.0.2 and Navigator 3.0 implement a very restrictive "hobble" in the interests of security: a script running in one window cannot read the properties of another window unless the contents of that window were loaded from the same server as the script. Internet Explorer 3.0 implements security measures, but this is not one of them. This means that users of IE 3.0 may be vulnerable to malicious scripts that steal information. See Chapter 20, JavaScript Security for a full discussion of JavaScript security issues. |
|