Loading ...
Sorry, an error occurred while loading the content.

Expand Messages
  • Norman Hardy
    I quote from the MashupOS paper from Microsoft that Doug referred us to: There is either no trust across principals through complete isolation or full trust
    Message 1 of 2 , May 20, 2007
    • 0 Attachment
      I quote from the MashupOS paper from Microsoft that Doug referred us to:

      There is either no trust across principals through complete isolation
      or full trust through incorporating third party code as libraries.

      Where can I learn about these libraries--who can add to them and who
      can call them?
      Is there an implication that the 'third party' is mutually trusted?
    • Douglas Crockford
      ... There are lots of Ajax libraries out their. You can find some pointers to them at Ajaxian.com. The web developer selects scripts from the library and
      Message 2 of 2 , May 20, 2007
      • 0 Attachment
        --- In caplet@yahoogroups.com, Norman Hardy <norm@...> wrote:
        >
        > I quote from the MashupOS paper from Microsoft that Doug referred us to:
        >
        > There is either no trust across principals through complete isolation
        > or full trust through incorporating third party code as libraries.
        >
        > Where can I learn about these libraries--who can add to them and who
        > can call them?
        > Is there an implication that the 'third party' is mutually trusted?

        There are lots of Ajax libraries out their. You can find some pointers
        to them at Ajaxian.com. The web developer selects scripts from the
        library and includes then using HTML script tags. These scripts have
        access to everything. The scripts generally do not have secrets of
        their own.

        Most libraries get copied to your server. Some libraries, such as Dojo
        and YUI, can be loaded from 3rd party servers.

        A recent fad on sites with user-generated pages (like MySpace) is
        inclusion of 3rd party JavaScript badges on web pages. These badges
        provide access to logging, galleries, and video. And the badges have
        access to everything.
      Your message has been successfully submitted and would be delivered to recipients shortly.