- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Thu, 04 Nov 2004 16:53:56 -0600
- To: Jim Ley <jim@jibbering.com>
- CC: www-svg@w3.org
Jim Ley wrote: > You always have to block random hosts - Mozilla is currently the only > browser to provide by default (and last I looked non-disablable) access to > non-originating hosts via javascript http requests. Actually, I just checked on this. The XMLHttpRequest code does have cross-site security checks in place, and my attempt to use it to make a cross-site request threw an exception. Were you referring to someother piece of javascript HTTP request functionality? -Boris
Received on Thursday, 4 November 2004 22:57:02 UTC