patch: stub implementation of XMLHttpRequest
David Faure
faure at kde.org
Wed Feb 25 10:28:22 CET 2004
On Tuesday 24 February 2004 23:21, Maciej Stachowiak wrote:
> I am not sure why you are allowed to set domain at all, even to a
> suffix. It seems like a potential security risk.
Isn't this for the (rather common) case of a company splitting its website on
several websites, so e.g. you have a frameset on www1.apple.com,
frames on www2.apple.com and maybe a few iframes on www3.apple.com?
By setting the domain to apple.com in all those pages, one can allow
those frames to talk to each other, which wouldn't be possible otherwise.
--
David Faure, faure at kde.org, sponsored by Trolltech to work on KDE,
Konqueror (http://www.konqueror.org), and KOffice (http://www.koffice.org).
More information about the Khtml-devel
mailing list