1 post • joined 20 Nov 2008
Same-domain policy 101
> No, it doesn't run "in the context of the page". It runs in the context of the google.com domain.
> Similarly, they can't modify it to steal the admin login from the change.gov website.
Not that they would, but yes they could.
- Vid Google opens Inbox – email for people too thick to handle email
- Pic Forget the $2499 5K iMac – today we reveal Apple's most expensive computer to date
- RUMPY PUMPY: Bone says humans BONED Neanderthals 50,000 years B.C.
- Is your home or office internet gateway one of '1.2 MILLION' wide open to hijacking?
- Review Vulture trails claw across Lenovo's touchy N20p Chromebook