Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: xmlhttprequest not doing anything?


On Oct 10, 2005, at 3:40 AM, Troy Dawson wrote:

I've got a simple test that is working in safari but when called from my embedded WebView the readyState isn't advancing beyond 0...

this is both with the query directed offsite and into the document root (eg. http:/localhost/server/server.php).

Privilege issue? This is 10.4.2. 

Can you provide a simple test case that reproduces the bug?

Can the failure be reproduced in SimpleWeb?

Ideally this stuff information could go in a bug report on RadarWeb or on http://bugzilla.opendarwin.org.

Is anybody actually using xmlhttprequest in a WebView? xmlhttprequest was the subject of a CAN advisory in May, but it is available to Dashboard scripts and also works for me in Safari, contrary to the docs (http://developer.apple.com/internet/ webcontent/xmlhttpreq.html) stating that it won't go across domains no less.

If you can do a cross-domain XMLHttpRequest in Safari, then this is a serious security issue. Do you have code that demonstrates the exploit? (Note: from a local file HTML document accessed via a file: URL you can make an XMLHttpRequest to anywhere on the net.)

Regards
Maciej

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webkitsdk-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/webkitsdk-dev/email@hidden

This email sent to email@hidden
References: 
 >xmlhttprequest not doing anything? (From: Troy Dawson <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.