As we've seen, Navigator 2.0.2 and later implement a very general security hobble intended to blanket an entire category of security holes: scripts from one server cannot read properties of windows or documents from another server. This is quite a severe restriction, and poses problems for large web sites that use more than one server. For example, a script from home.netscape.com might legitimately want to read properties of a document loaded from developer.netscape.com. While this seems like a reasonable and secure thing to do, the hobble does not allow it.
In order to support large web sites of this sort, Navigator 3.0 slightly relaxes the security hobble by introducing the domain property of the Document object. Internet Explorer 3.0 does not implement this property, but, as noted above, it also does not implement the problematic security hobble. By default, the domain property is the same as the hostname of the web server from which the document was loaded. You can set this property, but only to a string that is a valid domain suffix of itself. Thus, if domain is the string "home.netscape.com", you can set it to the string "netscape.com", but not to "home.netscape" or "cape.com", and certainly not to "microsoft.com".
If two windows contain scripts that both set their domain to the same value, then the security hobble will be relaxed for these two windows and in each of windows may read properties from the other.
file: /Techref/language/java/script/definitive/ch20_03.htm, 4KB, , updated: 2019/10/14 15:00, local time: 2024/11/22 20:21,
18.191.165.149:LOG IN
|
©2024 These pages are served without commercial sponsorship. (No popup ads, etc...).Bandwidth abuse increases hosting cost forcing sponsorship or shutdown. This server aggressively defends against automated copying for any reason including offline viewing, duplication, etc... Please respect this requirement and DO NOT RIP THIS SITE. Questions? <A HREF="http://sxlist.com/techref/language/java/script/definitive/ch20_03.htm"> [Chapter 20] 20.3 The domain Property</A> |
Did you find what you needed? |
Welcome to sxlist.com!sales, advertizing, & kind contributors just like you! Please don't rip/copy (here's why Copies of the site on CD are available at minimal cost. |
Welcome to sxlist.com! |
.