Re: SVG 1.2 Comment: B.2.3 Socket Connections

Jim Ley wrote:
> You always have to block random hosts - Mozilla is currently the only 
> browser to provide by default (and last I looked non-disablable) access to 
> non-originating hosts via javascript http requests.

Actually, I just checked on this.  The XMLHttpRequest code does have 
cross-site security checks in place, and my attempt to use it to make a 
cross-site request threw an exception.

Were you referring to someother piece of javascript HTTP request 
functionality?

-Boris

Received on Thursday, 4 November 2004 22:57:02 UTC