Re: security.fileuri.strict_origin_policy has no effect (FF3)

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: security.fileuri.strict_origin_policy has no effect (FF3)

Jonas Sicking-2
This sounds really weird as no XSLT specific changes were made to
implement the stricter policy. Do you have a testcase you can provide?

/ Jonas

Thomas Comiotto wrote:

> Hi all
>
> Setting security.fileuri.strict_origin_policy to false in Firefox 3.0
> seems to have no effect when transforming local xsl files with
> include/import directives linking to ancestor directories (e.g. import
> href="../foo/bar.xsl"). Those transforms are broken in FF3.
>
> Is this a known issue or is there a workaround to make arbitrary local
> xslt file hierarchies work in FF3?
>
> Note: I used to create a nsIDOMXMLDocument instance for the main xslt in
> FF2 but changed that to XmlHttpRequest due to security restrictions in
> FF3 that prevent loading fileUris from chrome. Is this really the only
> way to load a local xslt's from chrome now or do I miss the point with
> regards to the FF3 changes?
>
> Any help would be very much appreciated!
>
> Best regards
> Thomas
>
> System: Mac OSX 10.4, FF 3.0
>
>
>
> -----------------------------------------------------------------------------
>
>                         Thomas Comiotto            
> [hidden email]
>
>                         Universitaet Zuerich
>                         Informatikdienste                Tel: +41 44 63
> 54541
>                         Winterthurerstrasse 190               +41 44 63
> 43333
>                         CH-8057 Zuerich                  Fax: +41 44 63
> 54505
>
>
>
>
_______________________________________________
dev-tech-xslt mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-xslt
Reply | Threaded
Open this post in threaded view
|

Re: security.fileuri.strict_origin_policy has no effect (FF3)

Thomas Comiotto
Hi Jonas

False alarm: setting the preference does the trick.

Sorry for the noise!
Thomas


On Jul 8, 2008, at 1:30 AM, Jonas Sicking wrote:

> This sounds really weird as no XSLT specific changes were made to
> implement the stricter policy. Do you have a testcase you can provide?
>
> / Jonas
>
> Thomas Comiotto wrote:
>> Hi all
>>
>> Setting security.fileuri.strict_origin_policy to false in Firefox 3.0
>> seems to have no effect when transforming local xsl files with
>> include/import directives linking to ancestor directories (e.g.  
>> import
>> href="../foo/bar.xsl"). Those transforms are broken in FF3.
>>
>> Is this a known issue or is there a workaround to make arbitrary  
>> local
>> xslt file hierarchies work in FF3?
>>
>> Note: I used to create a nsIDOMXMLDocument instance for the main  
>> xslt in
>> FF2 but changed that to XmlHttpRequest due to security  
>> restrictions in
>> FF3 that prevent loading fileUris from chrome. Is this really the  
>> only
>> way to load a local xslt's from chrome now or do I miss the point  
>> with
>> regards to the FF3 changes?
>>
>> Any help would be very much appreciated!
>>
>> Best regards
>> Thomas
>>
>> System: Mac OSX 10.4, FF 3.0
>>
>>
>>
>> ---------------------------------------------------------------------
>> --------
>>
>>                         Thomas Comiotto
>> [hidden email]
>>
>>                         Universitaet Zuerich
>>                         Informatikdienste                Tel: +41  
>> 44 63
>> 54541
>>                         Winterthurerstrasse 190               +41  
>> 44 63
>> 43333
>>                         CH-8057 Zuerich                  Fax: +41  
>> 44 63
>> 54505
>>
>>
>>
>>
> _______________________________________________
> dev-tech-xslt mailing list
> [hidden email]
> https://lists.mozilla.org/listinfo/dev-tech-xslt

_______________________________________________
dev-tech-xslt mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-xslt