- From: Anne van Kesteren <annevk@opera.com>
- Date: Thu, 24 Jan 2008 17:41:45 +0100
- To: tep4i6o02@sneakemail.com, public-html-comments@w3.org
On Thu, 24 Jan 2008 17:26:28 +0100, <tep4i6o02@sneakemail.com> wrote: > How can it be impossible to distinguish between the paths of windows and > running script, when it is commonplace to distinguish between the > domains of the windows? Or does the security model allow one to inject > scripts into another window (in the same domain), so they run from there? Yes, the security model allows that. (And we're tied to that model due to deployed content :-)) -- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>
Received on Thursday, 24 January 2008 16:38:20 UTC