On Sun, Jul 13, 2008 at 08:49:38PM +0200, martin f krafft wrote:
> also sprach Mike Hommey <[EMAIL PROTECTED]> [2008.07.13.2029 +0200]:
> > Your normal user account can surely read *your* data.
> 
> Depends. Anyway, that malicious script would have to know where to
> find it.
> 
> Also, I find it hard to believe that a JS script couldn't work
> around this and populate the field.

It may be hard to believe, but that's how it does work. Except maybe
priviledged javascript can...

Anyways, I guess there might be ways to get the behaviour you want via 
xbl or other hack... maybe there's already an extension to do just that,
who knows...

Mike



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to