1 post • joined 20 Nov 2008
Same-domain policy 101
> No, it doesn't run "in the context of the page". It runs in the context of the google.com domain.
> Similarly, they can't modify it to steal the admin login from the change.gov website.
Not that they would, but yes they could.
- Boffins attempt to prove the UNIVERSE IS JUST A HOLOGRAM
- China building SUPERSONIC SUBMARINE that travels in a BUBBLE
- Review Raspberry Pi B+: PHWOAR, get a load of those pins
- That 8TB Seagate MONSTER? It's HERE... (You'll have to squint, 'cos there are no specs)
- Review Reg man looks through a Glass, darkly: Google's toy ploy or killer tech specs?