WWDC Keynote: HTML5 wide open for On-Rev & revServer
Mike Bonner
bonnmike at gmail.com
Tue Jun 8 13:10:05 EDT 2010
Actually, I believe the following (from the provided link) is what is
being referred to:
7.2 Cross-directory attacks
Different authors sharing one host name, for example users hosting
content on geocities.com, all share one local storage object. There is
no feature to restrict the access by pathname. Authors on shared hosts
are therefore recommended to avoid using these features, as it would
be trivial for other authors to read the data and overwrite it.
Even if a path-restriction feature was made available, the usual DOM
scripting security model would make it trivial to bypass this
protection and access the data from any path.
On Tue, Jun 8, 2010 at 10:36 AM, Jerry Daniels <jerry.daniels at me.com> wrote:
> Not so. No.
>
> Each developer has own space. If developer INVITES someone in...as a
> teammate, then they share.
>
> Vampire rules. Need an invite to join another developer.
>
> Best,
>
> Jerry Daniels
>
> Follow the Rodeo discussion:
> http://rodeoapps.com/rodeo-discuss-among-yourselves
>
>
>
> On Jun 8, 2010, at 11:19 AM, Robert Mann wrote:
>
>> For Rodéo apps, if each user shares a space on a common shared server,
>> than
>> all the local datas of user X are accessible to all different rodeo apps,
>> So
>> far I understood. Not reassuring!
>
> _______________________________________________
> use-revolution mailing list
> use-revolution at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription
> preferences:
> http://lists.runrev.com/mailman/listinfo/use-revolution
>
More information about the use-livecode
mailing list