المجموعات
تسجيل الدخول
المجموعات
Google Caja Discuss
المحادثات
لمحة
إرسال ملاحظات
مساعدة
Google Caja Discuss
التواصل مع المالكين والمدراء
1–30 من 10391
تصنيف "مقروءة" للكل
الإبلاغ عن مجموعة
ما مِن صف تم اختياره.
Mike Power
, …
Mark S. Miller
4
14/1/2020
Caja performance recommendations
Well since the broad conclusion is not caja, and there are a great many ses discussions regarding
غير مقروءة،
Caja performance recommendations
Well since the broad conclusion is not caja, and there are a great many ses discussions regarding
14/1/2020
Kevin Reid
6/6/2019
Caja Security Advisory 2019-06-06
## Background When guest HTML contains an element that is not permitted by Caja's whitelist, it
غير مقروءة،
Caja Security Advisory 2019-06-06
## Background When guest HTML contains an element that is not permitted by Caja's whitelist, it
6/6/2019
Mark Miller
,
Kevin Reid
3
16/1/2019
Public disclosure of responsibly disclosed SES bugs
That's a good point. I missed that. Yes, if the mandatory parse rejects template strings, I don
غير مقروءة،
Public disclosure of responsibly disclosed SES bugs
That's a good point. I missed that. Yes, if the mandatory parse rejects template strings, I don
16/1/2019
Yehonathan Sharvit
, …
Mark Miller
16
13/1/2019
sanitized eval with Caja
Hi Yehonathan, I have gone through the public issues at https://github.com/Agoric/SES/issues , filed
غير مقروءة،
sanitized eval with Caja
Hi Yehonathan, I have gone through the public issues at https://github.com/Agoric/SES/issues , filed
13/1/2019
Mike Stay
,
Mark Miller
6
9/1/2019
Status of other sources of SES?
Neither Agoric nor Salesforce are likely to invest effort backporting fixes into original-SES. I
غير مقروءة،
Status of other sources of SES?
Neither Agoric nor Salesforce are likely to invest effort backporting fixes into original-SES. I
9/1/2019
Mark Miller
3/12/2018
POLA Would Have Prevented the Event-Stream Incident
The npm / event-stream incident is the perfect teaching moment for POLA (Principle of Least Authority
غير مقروءة،
POLA Would Have Prevented the Event-Stream Incident
The npm / event-stream incident is the perfect teaching moment for POLA (Principle of Least Authority
3/12/2018
Michael FIG
30/10/2018
Strawman: defending from deep recursion and long loops
Hi, I have a simple browser test set up at: https://michaelfig.github.io/caja/exhaust.html I don'
غير مقروءة،
Strawman: defending from deep recursion and long loops
Hi, I have a simple browser test set up at: https://michaelfig.github.io/caja/exhaust.html I don'
30/10/2018
Michael FIG
, …
Mark Miller
7
16/10/2018
Defending from long-running or infinite loops
On Mon, Oct 15, 2018 at 7:15 PM Michael FIG <kekit...@gmail.com> wrote: I think I will also
غير مقروءة،
Defending from long-running or infinite loops
On Mon, Oct 15, 2018 at 7:15 PM Michael FIG <kekit...@gmail.com> wrote: I think I will also
16/10/2018
Kevin Reid
2/4/2018
Caja Security Advisory 2018-04-02
## Background Caja contains an optional feature, in the deprecated ES5/3 mode, to allow embedding
غير مقروءة،
Caja Security Advisory 2018-04-02
## Background Caja contains an optional feature, in the deprecated ES5/3 mode, to allow embedding
2/4/2018
Marc H
, …
Mike Stay
9
12/2/2018
Script inclusion error
For the specific case of Math, you could shadow the real Math object with an object that merely
غير مقروءة،
Script inclusion error
For the specific case of Math, you could shadow the real Math object with an object that merely
12/2/2018
Marc H
,
Kevin Reid
2
9/2/2018
Dynamic guest page embedding
On Fri, Feb 9, 2018 at 12:32 PM, Marc H <zappy...@gmail.com> wrote: I am trying to use Caja
غير مقروءة،
Dynamic guest page embedding
On Fri, Feb 9, 2018 at 12:32 PM, Marc H <zappy...@gmail.com> wrote: I am trying to use Caja
9/2/2018
Kevin Reid
14/11/2017
Caja Security Advisory 2017-11-14
## Background Browsers have recently added new language features which allow executing code from a
غير مقروءة،
Caja Security Advisory 2017-11-14
## Background Browsers have recently added new language features which allow executing code from a
14/11/2017
Mark Miller
3
4/11/2017
WASM and ocaps
On these lists, sometimes we cross-post when introducing a topic but then announce that further
غير مقروءة،
WASM and ocaps
On these lists, sometimes we cross-post when introducing a topic but then announce that further
4/11/2017
My Routes
,
Kevin Reid
2
3/11/2017
Feature request: add 'allow-geolocation' to IFRAME sandbox mode in HtmlService
On Wed, Nov 1, 2017 at 8:20 AM, My Routes <myro...@gmail.com> wrote: In order for a cross-
غير مقروءة،
Feature request: add 'allow-geolocation' to IFRAME sandbox mode in HtmlService
On Wed, Nov 1, 2017 at 8:20 AM, My Routes <myro...@gmail.com> wrote: In order for a cross-
3/11/2017
jwi...@lifelink.com
, …
Mike Stay
4
23/8/2017
Syntax error when following example code
In particular, there's this snippet: ------------------- Running guest JavaScript from content
غير مقروءة،
Syntax error when following example code
In particular, there's this snippet: ------------------- Running guest JavaScript from content
23/8/2017
Doug Koellmer
, …
Mike Stay
13
25/5/2017
Reusing DIVs.
As far as destroying an interval goes, you can replace the existing setInterval function before
غير مقروءة،
Reusing DIVs.
As far as destroying an interval goes, you can replace the existing setInterval function before
25/5/2017
Mark S. Miller
3/5/2017
CFP: OCAP 2017, Object-Capability Languages, Systems, and Applications
http://conf.researchr.org/track/ocap-2017/ocap-2017#Call-for-Presentations Call for Presentations The
غير مقروءة،
CFP: OCAP 2017, Object-Capability Languages, Systems, and Applications
http://conf.researchr.org/track/ocap-2017/ocap-2017#Call-for-Presentations Call for Presentations The
3/5/2017
o x
,
Kevin Reid
3
2/5/2017
load caja from iframes and load the caja lib ones in window.parent.caja
thank you Kevin Reid! that did the the trick :) On Tuesday, May 2, 2017 at 11:50:02 PM UTC+7, Kevin
غير مقروءة،
load caja from iframes and load the caja lib ones in window.parent.caja
thank you Kevin Reid! that did the the trick :) On Tuesday, May 2, 2017 at 11:50:02 PM UTC+7, Kevin
2/5/2017
o x
,
Kevin Reid
6
2/5/2017
how to unescape the content of guest before run?
ok thank you On Tuesday, May 2, 2017 at 11:17:54 PM UTC+7, Kevin Reid wrote: You'll have to
غير مقروءة،
how to unescape the content of guest before run?
ok thank you On Tuesday, May 2, 2017 at 11:17:54 PM UTC+7, Kevin Reid wrote: You'll have to
2/5/2017
felbus
,
Kevin Reid
3
19/4/2017
allow base64 data uri
ok thanks, ill take a look.. On Monday, 17 April 2017 17:46:01 UTC+1, Kevin Reid wrote: On Mon, Apr
غير مقروءة،
allow base64 data uri
ok thanks, ill take a look.. On Monday, 17 April 2017 17:46:01 UTC+1, Kevin Reid wrote: On Mon, Apr
19/4/2017
felbus
,
Kevin Reid
3
15/4/2017
Allow full display and interaction with Html Emails
yep, that worked, thanks On Friday, 14 April 2017 18:05:58 UTC+1, Kevin Reid wrote: On Fri, Apr 14,
غير مقروءة،
Allow full display and interaction with Html Emails
yep, that worked, thanks On Friday, 14 April 2017 18:05:58 UTC+1, Kevin Reid wrote: On Fri, Apr 14,
15/4/2017
Vinod Patel
,
Kevin Reid
2
13/4/2017
Add third party scripts to guest code.
On Thu, Apr 13, 2017 at 4:39 AM, Vinod Patel <vinodpa...@gmail.com> wrote: is it possible
غير مقروءة،
Add third party scripts to guest code.
On Thu, Apr 13, 2017 at 4:39 AM, Vinod Patel <vinodpa...@gmail.com> wrote: is it possible
13/4/2017
Tapan Anand
,
Kevin Reid
3
23/3/2017
Do iframes with src still work in Caja?
Awesome! Thanks :) On Thursday, 23 March 2017 21:30:20 UTC+5:30, Kevin Reid wrote: On Thu, Mar 23,
غير مقروءة،
Do iframes with src still work in Caja?
Awesome! Thanks :) On Thursday, 23 March 2017 21:30:20 UTC+5:30, Kevin Reid wrote: On Thu, Mar 23,
23/3/2017
Mike Stay
, …
David Bruant
3
17/3/2017
Does ECMAScript2015's "import" keyword provide ambient authority to the filesystem?
Le 17/03/2017 à 03:57, 'Mark S. Miller' via Google Caja Discuss a écrit : [+lots] The current
غير مقروءة،
Does ECMAScript2015's "import" keyword provide ambient authority to the filesystem?
Le 17/03/2017 à 03:57, 'Mark S. Miller' via Google Caja Discuss a écrit : [+lots] The current
17/3/2017
Mike Stay
2
6/10/2016
Example code for SES?
Accidentally hit send. On Thu, Oct 6, 2016 at 2:53 PM, Mike Stay <meta...@gmail.com> wrote:
غير مقروءة،
Example code for SES?
Accidentally hit send. On Thu, Oct 6, 2016 at 2:53 PM, Mike Stay <meta...@gmail.com> wrote:
6/10/2016
Kevin Reid
1/6/2016
Caja security advisory 2016-05-31
## Background For applications which used the Google API tamings (not enabled by default), the taming
غير مقروءة،
Caja security advisory 2016-05-31
## Background For applications which used the Google API tamings (not enabled by default), the taming
1/6/2016
re...@codereview-hr.appspotmail.com
,
fel...@gmail.com
2
31/5/2016
Update Selenium to 2.53.0. (issue 300240043 by kpreid@google.com)
lgtm https://codereview.appspot.com/300240043/
غير مقروءة،
Update Selenium to 2.53.0. (issue 300240043 by kpreid@google.com)
lgtm https://codereview.appspot.com/300240043/
31/5/2016
re...@codereview-hr.appspotmail.com
,
eri...@gmail.com
2
27/5/2016
Fix ses.funcLike protection against non-identifier names. (issue 301810043 by kpreid@google.com)
LGTM https://codereview.appspot.com/301810043/
غير مقروءة،
Fix ses.funcLike protection against non-identifier names. (issue 301810043 by kpreid@google.com)
LGTM https://codereview.appspot.com/301810043/
27/5/2016
Lukas Bombach
,
Kevin Reid
4
26/5/2016
Can Caja still be used in production?
On Tue, May 24, 2016 at 3:48 AM, 'Lukas Bombach' via Google Caja Discuss <google-caja-
غير مقروءة،
Can Caja still be used in production?
On Tue, May 24, 2016 at 3:48 AM, 'Lukas Bombach' via Google Caja Discuss <google-caja-
26/5/2016
Kevin Reid
2/5/2016
Re: [Caja] How to pass HTML/JS data from DB to caja
On Sat, Apr 30, 2016 at 2:44 PM, eqSan <mehra...@gmail.com> wrote: I'm trying to call
غير مقروءة،
Re: [Caja] How to pass HTML/JS data from DB to caja
On Sat, Apr 30, 2016 at 2:44 PM, eqSan <mehra...@gmail.com> wrote: I'm trying to call
2/5/2016