그룹
로그인
그룹
Google Caja Discuss
대화
정보
의견 보내기
도움말
Google Caja Discuss
소유자 및 관리자에게 문의
10391개 중 1~30개
모두 읽음으로 표시
그룹 신고
0개 선택됨
Mike Power
, …
Mark S. Miller
4
20. 1. 14.
Caja performance recommendations
Well since the broad conclusion is not caja, and there are a great many ses discussions regarding
읽지 않음,
Caja performance recommendations
Well since the broad conclusion is not caja, and there are a great many ses discussions regarding
20. 1. 14.
Kevin Reid
19. 6. 6.
Caja Security Advisory 2019-06-06
## Background When guest HTML contains an element that is not permitted by Caja's whitelist, it
읽지 않음,
Caja Security Advisory 2019-06-06
## Background When guest HTML contains an element that is not permitted by Caja's whitelist, it
19. 6. 6.
Mark Miller
,
Kevin Reid
3
19. 1. 16.
Public disclosure of responsibly disclosed SES bugs
That's a good point. I missed that. Yes, if the mandatory parse rejects template strings, I don
읽지 않음,
Public disclosure of responsibly disclosed SES bugs
That's a good point. I missed that. Yes, if the mandatory parse rejects template strings, I don
19. 1. 16.
Yehonathan Sharvit
, …
Mark Miller
16
19. 1. 13.
sanitized eval with Caja
Hi Yehonathan, I have gone through the public issues at https://github.com/Agoric/SES/issues , filed
읽지 않음,
sanitized eval with Caja
Hi Yehonathan, I have gone through the public issues at https://github.com/Agoric/SES/issues , filed
19. 1. 13.
Mike Stay
,
Mark Miller
6
19. 1. 9.
Status of other sources of SES?
Neither Agoric nor Salesforce are likely to invest effort backporting fixes into original-SES. I
읽지 않음,
Status of other sources of SES?
Neither Agoric nor Salesforce are likely to invest effort backporting fixes into original-SES. I
19. 1. 9.
Mark Miller
18. 12. 3.
POLA Would Have Prevented the Event-Stream Incident
The npm / event-stream incident is the perfect teaching moment for POLA (Principle of Least Authority
읽지 않음,
POLA Would Have Prevented the Event-Stream Incident
The npm / event-stream incident is the perfect teaching moment for POLA (Principle of Least Authority
18. 12. 3.
Michael FIG
18. 10. 30.
Strawman: defending from deep recursion and long loops
Hi, I have a simple browser test set up at: https://michaelfig.github.io/caja/exhaust.html I don'
읽지 않음,
Strawman: defending from deep recursion and long loops
Hi, I have a simple browser test set up at: https://michaelfig.github.io/caja/exhaust.html I don'
18. 10. 30.
Michael FIG
, …
Mark Miller
7
18. 10. 16.
Defending from long-running or infinite loops
On Mon, Oct 15, 2018 at 7:15 PM Michael FIG <kekit...@gmail.com> wrote: I think I will also
읽지 않음,
Defending from long-running or infinite loops
On Mon, Oct 15, 2018 at 7:15 PM Michael FIG <kekit...@gmail.com> wrote: I think I will also
18. 10. 16.
Kevin Reid
18. 4. 2.
Caja Security Advisory 2018-04-02
## Background Caja contains an optional feature, in the deprecated ES5/3 mode, to allow embedding
읽지 않음,
Caja Security Advisory 2018-04-02
## Background Caja contains an optional feature, in the deprecated ES5/3 mode, to allow embedding
18. 4. 2.
Marc H
, …
Mike Stay
9
18. 2. 12.
Script inclusion error
For the specific case of Math, you could shadow the real Math object with an object that merely
읽지 않음,
Script inclusion error
For the specific case of Math, you could shadow the real Math object with an object that merely
18. 2. 12.
Marc H
,
Kevin Reid
2
18. 2. 9.
Dynamic guest page embedding
On Fri, Feb 9, 2018 at 12:32 PM, Marc H <zappy...@gmail.com> wrote: I am trying to use Caja
읽지 않음,
Dynamic guest page embedding
On Fri, Feb 9, 2018 at 12:32 PM, Marc H <zappy...@gmail.com> wrote: I am trying to use Caja
18. 2. 9.
Kevin Reid
17. 11. 14.
Caja Security Advisory 2017-11-14
## Background Browsers have recently added new language features which allow executing code from a
읽지 않음,
Caja Security Advisory 2017-11-14
## Background Browsers have recently added new language features which allow executing code from a
17. 11. 14.
Mark Miller
3
17. 11. 4.
WASM and ocaps
On these lists, sometimes we cross-post when introducing a topic but then announce that further
읽지 않음,
WASM and ocaps
On these lists, sometimes we cross-post when introducing a topic but then announce that further
17. 11. 4.
My Routes
,
Kevin Reid
2
17. 11. 3.
Feature request: add 'allow-geolocation' to IFRAME sandbox mode in HtmlService
On Wed, Nov 1, 2017 at 8:20 AM, My Routes <myro...@gmail.com> wrote: In order for a cross-
읽지 않음,
Feature request: add 'allow-geolocation' to IFRAME sandbox mode in HtmlService
On Wed, Nov 1, 2017 at 8:20 AM, My Routes <myro...@gmail.com> wrote: In order for a cross-
17. 11. 3.
jwi...@lifelink.com
, …
Mike Stay
4
17. 8. 23.
Syntax error when following example code
In particular, there's this snippet: ------------------- Running guest JavaScript from content
읽지 않음,
Syntax error when following example code
In particular, there's this snippet: ------------------- Running guest JavaScript from content
17. 8. 23.
Doug Koellmer
, …
Mike Stay
13
17. 5. 25.
Reusing DIVs.
As far as destroying an interval goes, you can replace the existing setInterval function before
읽지 않음,
Reusing DIVs.
As far as destroying an interval goes, you can replace the existing setInterval function before
17. 5. 25.
Mark S. Miller
17. 5. 3.
CFP: OCAP 2017, Object-Capability Languages, Systems, and Applications
http://conf.researchr.org/track/ocap-2017/ocap-2017#Call-for-Presentations Call for Presentations The
읽지 않음,
CFP: OCAP 2017, Object-Capability Languages, Systems, and Applications
http://conf.researchr.org/track/ocap-2017/ocap-2017#Call-for-Presentations Call for Presentations The
17. 5. 3.
o x
,
Kevin Reid
3
17. 5. 2.
load caja from iframes and load the caja lib ones in window.parent.caja
thank you Kevin Reid! that did the the trick :) On Tuesday, May 2, 2017 at 11:50:02 PM UTC+7, Kevin
읽지 않음,
load caja from iframes and load the caja lib ones in window.parent.caja
thank you Kevin Reid! that did the the trick :) On Tuesday, May 2, 2017 at 11:50:02 PM UTC+7, Kevin
17. 5. 2.
o x
,
Kevin Reid
6
17. 5. 2.
how to unescape the content of guest before run?
ok thank you On Tuesday, May 2, 2017 at 11:17:54 PM UTC+7, Kevin Reid wrote: You'll have to
읽지 않음,
how to unescape the content of guest before run?
ok thank you On Tuesday, May 2, 2017 at 11:17:54 PM UTC+7, Kevin Reid wrote: You'll have to
17. 5. 2.
felbus
,
Kevin Reid
3
17. 4. 19.
allow base64 data uri
ok thanks, ill take a look.. On Monday, 17 April 2017 17:46:01 UTC+1, Kevin Reid wrote: On Mon, Apr
읽지 않음,
allow base64 data uri
ok thanks, ill take a look.. On Monday, 17 April 2017 17:46:01 UTC+1, Kevin Reid wrote: On Mon, Apr
17. 4. 19.
felbus
,
Kevin Reid
3
17. 4. 15.
Allow full display and interaction with Html Emails
yep, that worked, thanks On Friday, 14 April 2017 18:05:58 UTC+1, Kevin Reid wrote: On Fri, Apr 14,
읽지 않음,
Allow full display and interaction with Html Emails
yep, that worked, thanks On Friday, 14 April 2017 18:05:58 UTC+1, Kevin Reid wrote: On Fri, Apr 14,
17. 4. 15.
Vinod Patel
,
Kevin Reid
2
17. 4. 13.
Add third party scripts to guest code.
On Thu, Apr 13, 2017 at 4:39 AM, Vinod Patel <vinodpa...@gmail.com> wrote: is it possible
읽지 않음,
Add third party scripts to guest code.
On Thu, Apr 13, 2017 at 4:39 AM, Vinod Patel <vinodpa...@gmail.com> wrote: is it possible
17. 4. 13.
Tapan Anand
,
Kevin Reid
3
17. 3. 23.
Do iframes with src still work in Caja?
Awesome! Thanks :) On Thursday, 23 March 2017 21:30:20 UTC+5:30, Kevin Reid wrote: On Thu, Mar 23,
읽지 않음,
Do iframes with src still work in Caja?
Awesome! Thanks :) On Thursday, 23 March 2017 21:30:20 UTC+5:30, Kevin Reid wrote: On Thu, Mar 23,
17. 3. 23.
Mike Stay
, …
David Bruant
3
17. 3. 17.
Does ECMAScript2015's "import" keyword provide ambient authority to the filesystem?
Le 17/03/2017 à 03:57, 'Mark S. Miller' via Google Caja Discuss a écrit : [+lots] The current
읽지 않음,
Does ECMAScript2015's "import" keyword provide ambient authority to the filesystem?
Le 17/03/2017 à 03:57, 'Mark S. Miller' via Google Caja Discuss a écrit : [+lots] The current
17. 3. 17.
Mike Stay
2
16. 10. 6.
Example code for SES?
Accidentally hit send. On Thu, Oct 6, 2016 at 2:53 PM, Mike Stay <meta...@gmail.com> wrote:
읽지 않음,
Example code for SES?
Accidentally hit send. On Thu, Oct 6, 2016 at 2:53 PM, Mike Stay <meta...@gmail.com> wrote:
16. 10. 6.
Kevin Reid
16. 6. 1.
Caja security advisory 2016-05-31
## Background For applications which used the Google API tamings (not enabled by default), the taming
읽지 않음,
Caja security advisory 2016-05-31
## Background For applications which used the Google API tamings (not enabled by default), the taming
16. 6. 1.
re...@codereview-hr.appspotmail.com
,
fel...@gmail.com
2
16. 5. 31.
Update Selenium to 2.53.0. (issue 300240043 by kpreid@google.com)
lgtm https://codereview.appspot.com/300240043/
읽지 않음,
Update Selenium to 2.53.0. (issue 300240043 by kpreid@google.com)
lgtm https://codereview.appspot.com/300240043/
16. 5. 31.
re...@codereview-hr.appspotmail.com
,
eri...@gmail.com
2
16. 5. 27.
Fix ses.funcLike protection against non-identifier names. (issue 301810043 by kpreid@google.com)
LGTM https://codereview.appspot.com/301810043/
읽지 않음,
Fix ses.funcLike protection against non-identifier names. (issue 301810043 by kpreid@google.com)
LGTM https://codereview.appspot.com/301810043/
16. 5. 27.
Lukas Bombach
,
Kevin Reid
4
16. 5. 26.
Can Caja still be used in production?
On Tue, May 24, 2016 at 3:48 AM, 'Lukas Bombach' via Google Caja Discuss <google-caja-
읽지 않음,
Can Caja still be used in production?
On Tue, May 24, 2016 at 3:48 AM, 'Lukas Bombach' via Google Caja Discuss <google-caja-
16. 5. 26.
Kevin Reid
16. 5. 2.
Re: [Caja] How to pass HTML/JS data from DB to caja
On Sat, Apr 30, 2016 at 2:44 PM, eqSan <mehra...@gmail.com> wrote: I'm trying to call
읽지 않음,
Re: [Caja] How to pass HTML/JS data from DB to caja
On Sat, Apr 30, 2016 at 2:44 PM, eqSan <mehra...@gmail.com> wrote: I'm trying to call
16. 5. 2.