- From: Aaron Reed <mozillaxforms@yahoo.com>
- Date: Tue, 24 Aug 2004 20:49:47 +0000 (UTC)
- To: www-forms@w3.org
I also have a question about XForms security. For example, the formsPlayer example at: http://www.formsplayer.com/community/samples/google-search.html. Running this example in a browser should raise eyebrows. Submitting SOAP to domains DIFFERENT from the one where the page was downloaded and REPLACING content in the current page so that the user doesn't have any kind of cue that something just happened seems like the kind of power for a form that we don't want to encourage (in a browser context, at least). Is this something that is going to be addressed in the 1.1 spec when the SOAP stuff goes in? --Aaron
Received on Wednesday, 25 August 2004 16:01:54 UTC