JS security and enumerating a Window
Koos Vriezen
koos.vriezen at xs4all.nl
Fri Oct 25 13:33:08 BST 2002
On Thu, 24 Oct 2002, Koos Vriezen wrote:
> <HTML><HEAD><SCRIPT>
> function doIt() {
> myframe1.document.open();
> myframe1.document.write("<html><body>");
> for(var i in frames[1]) {
> try{
> myframe1.document.write(i + "=" + frames[1][i] + "<br>");
> } catch(e) {
> myframe1.document.write(i + " error<br>");
> }
> }
> myframe1.document.write("</body></html>");
> myframe1.document.close();
> }
> </SCRIPT> </HEAD>
> <FRAMESET ROWS="300,*" onLoad="doIt()">
> <FRAME NAME="myframe1" SRC="about:blank">
> <FRAME NAME="myframe2" SRC="http://localhost/~koos/test.html">
> </FRAMESET></HTML>
>
> where test.html is:
> <html><head><script>
> var foo="bar";
> </script></head>
> <body></body></html>
>
> Document opened with konq's filemanager, domain file:/.... As is myframe1.
> And myframe2 has domain http://localhost/.
> Does give a lot of 'WARNING: Javascript: access denied for current
> frame...', but I can see JS variable name 'foo'. Don't see the value of it
> though.
In my attempt to add something like this in Window::isSafeScript before
returning false (there is no SecurityError in kjs/object.h)

    Object err = Error::create(exec, GeneralError);
    exec->setException(err);

I noticed that today's CVS (updated kjs/khtml today, other stuff
yesterday) doesn't have domain set anymore. Putting some
kdDebug there shows these

    khtml (jscript): WARNING: Window::isSafeScript '' to frame ''

lines.
How come?
Koos
PS. Does anyone know how to prevent

    Session management error: Could not open network socket

from uic? It makes compiling a lot slower with those timeouts.
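
The behaviour reported in the quoted test case, as an added example that is not part of the original post and is not KJS/KHTML code: a JavaScript Proxy model in which the origin check guards property reads but not enumeration, so the name `foo` is listed while its value is denied, beside a variant that also checks enumeration and raises an exception. `guardFrame`, `enumerate` and the origin strings are assumptions made for the illustration; only the name `isSafeScript` is borrowed from the post.

```javascript
// Constructed model of the view a script from callerOrigin gets of a frame
// whose document was loaded from frameOrigin (hypothetical helper names).
function isSafeScript(callerOrigin, frameOrigin) {
  return callerOrigin === frameOrigin;
}

function guardFrame(frameGlobals, frameOrigin, callerOrigin, checkEnumeration) {
  const deny = () => { throw new Error("access denied for current frame"); };
  const allowed = () => isSafeScript(callerOrigin, frameOrigin);
  const handler = {
    // Reading a value is checked in both variants.
    get(target, prop) {
      if (!allowed()) deny();
      return target[prop];
    },
  };
  if (checkEnumeration) {
    // Hardened variant: every operation that reveals names is checked too.
    handler.ownKeys = (target) => (allowed() ? Reflect.ownKeys(target) : deny());
    handler.has = (target, prop) => (allowed() ? prop in target : deny());
    handler.getOwnPropertyDescriptor = (target, prop) =>
      allowed() ? Reflect.getOwnPropertyDescriptor(target, prop) : deny();
  }
  return new Proxy(frameGlobals, handler);
}

// Same loop shape as doIt() in the test case: enumerate, try to read, record.
function enumerate(frame) {
  const seen = [];
  try {
    for (const name in frame) {
      try {
        seen.push(name + "=" + frame[name]);
      } catch (e) {
        seen.push(name + " error");
      }
    }
  } catch (e) {
    seen.push("enumeration denied");
  }
  return seen;
}

// Constructed sample: test.html's globals, loaded from http://localhost,
// viewed by a page opened from file:/ (as in the quoted report).
const testHtml = { foo: "bar" };
const leaky = guardFrame(testHtml, "http://localhost", "file://", false);
const strict = guardFrame(testHtml, "http://localhost", "file://", true);
console.log(enumerate(leaky), enumerate(strict));
```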