Grupos
Fazer login
Grupos
Google Caja Discuss
Conversas
Sobre
Enviar feedback
Ajuda
Google Caja Discuss
Entrar em contato com proprietários e gerentes
1 a 30 de 10391
Marcar tudo como lido
Denunciar grupo
0 selecionadas
Mike Power
, …
Mark S. Miller
4
14/01/2020
Caja performance recommendations
Well since the broad conclusion is not caja, and there are a great many ses discussions regarding
não lida,
Caja performance recommendations
Well since the broad conclusion is not caja, and there are a great many ses discussions regarding
14/01/2020
Kevin Reid
06/06/2019
Caja Security Advisory 2019-06-06
## Background When guest HTML contains an element that is not permitted by Caja's whitelist, it
não lida,
Caja Security Advisory 2019-06-06
## Background When guest HTML contains an element that is not permitted by Caja's whitelist, it
06/06/2019
Mark Miller
,
Kevin Reid
3
16/01/2019
Public disclosure of responsibly disclosed SES bugs
That's a good point. I missed that. Yes, if the mandatory parse rejects template strings, I don
não lida,
Public disclosure of responsibly disclosed SES bugs
That's a good point. I missed that. Yes, if the mandatory parse rejects template strings, I don
16/01/2019
Yehonathan Sharvit
, …
Mark Miller
16
13/01/2019
sanitized eval with Caja
Hi Yehonathan, I have gone through the public issues at https://github.com/Agoric/SES/issues , filed
não lida,
sanitized eval with Caja
Hi Yehonathan, I have gone through the public issues at https://github.com/Agoric/SES/issues , filed
13/01/2019
Mike Stay
,
Mark Miller
6
09/01/2019
Status of other sources of SES?
Neither Agoric nor Salesforce are likely to invest effort backporting fixes into original-SES. I
não lida,
Status of other sources of SES?
Neither Agoric nor Salesforce are likely to invest effort backporting fixes into original-SES. I
09/01/2019
Mark Miller
03/12/2018
POLA Would Have Prevented the Event-Stream Incident
The npm / event-stream incident is the perfect teaching moment for POLA (Principle of Least Authority
não lida,
POLA Would Have Prevented the Event-Stream Incident
The npm / event-stream incident is the perfect teaching moment for POLA (Principle of Least Authority
03/12/2018
Michael FIG
30/10/2018
Strawman: defending from deep recursion and long loops
Hi, I have a simple browser test set up at: https://michaelfig.github.io/caja/exhaust.html I don'
não lida,
Strawman: defending from deep recursion and long loops
Hi, I have a simple browser test set up at: https://michaelfig.github.io/caja/exhaust.html I don'
30/10/2018
Michael FIG
, …
Mark Miller
7
16/10/2018
Defending from long-running or infinite loops
On Mon, Oct 15, 2018 at 7:15 PM Michael FIG <kekit...@gmail.com> wrote: I think I will also
não lida,
Defending from long-running or infinite loops
On Mon, Oct 15, 2018 at 7:15 PM Michael FIG <kekit...@gmail.com> wrote: I think I will also
16/10/2018
Kevin Reid
02/04/2018
Caja Security Advisory 2018-04-02
## Background Caja contains an optional feature, in the deprecated ES5/3 mode, to allow embedding
não lida,
Caja Security Advisory 2018-04-02
## Background Caja contains an optional feature, in the deprecated ES5/3 mode, to allow embedding
02/04/2018
Marc H
, …
Mike Stay
9
12/02/2018
Script inclusion error
For the specific case of Math, you could shadow the real Math object with an object that merely
não lida,
Script inclusion error
For the specific case of Math, you could shadow the real Math object with an object that merely
12/02/2018
Marc H
,
Kevin Reid
2
09/02/2018
Dynamic guest page embedding
On Fri, Feb 9, 2018 at 12:32 PM, Marc H <zappy...@gmail.com> wrote: I am trying to use Caja
não lida,
Dynamic guest page embedding
On Fri, Feb 9, 2018 at 12:32 PM, Marc H <zappy...@gmail.com> wrote: I am trying to use Caja
09/02/2018
Kevin Reid
14/11/2017
Caja Security Advisory 2017-11-14
## Background Browsers have recently added new language features which allow executing code from a
não lida,
Caja Security Advisory 2017-11-14
## Background Browsers have recently added new language features which allow executing code from a
14/11/2017
Mark Miller
3
04/11/2017
WASM and ocaps
On these lists, sometimes we cross-post when introducing a topic but then announce that further
não lida,
WASM and ocaps
On these lists, sometimes we cross-post when introducing a topic but then announce that further
04/11/2017
My Routes
,
Kevin Reid
2
03/11/2017
Feature request: add 'allow-geolocation' to IFRAME sandbox mode in HtmlService
On Wed, Nov 1, 2017 at 8:20 AM, My Routes <myro...@gmail.com> wrote: In order for a cross-
não lida,
Feature request: add 'allow-geolocation' to IFRAME sandbox mode in HtmlService
On Wed, Nov 1, 2017 at 8:20 AM, My Routes <myro...@gmail.com> wrote: In order for a cross-
03/11/2017
jwi...@lifelink.com
, …
Mike Stay
4
23/08/2017
Syntax error when following example code
In particular, there's this snippet: ------------------- Running guest JavaScript from content
não lida,
Syntax error when following example code
In particular, there's this snippet: ------------------- Running guest JavaScript from content
23/08/2017
Doug Koellmer
, …
Mike Stay
13
25/05/2017
Reusing DIVs.
As far as destroying an interval goes, you can replace the existing setInterval function before
não lida,
Reusing DIVs.
As far as destroying an interval goes, you can replace the existing setInterval function before
25/05/2017
Mark S. Miller
03/05/2017
CFP: OCAP 2017, Object-Capability Languages, Systems, and Applications
http://conf.researchr.org/track/ocap-2017/ocap-2017#Call-for-Presentations Call for Presentations The
não lida,
CFP: OCAP 2017, Object-Capability Languages, Systems, and Applications
http://conf.researchr.org/track/ocap-2017/ocap-2017#Call-for-Presentations Call for Presentations The
03/05/2017
o x
,
Kevin Reid
3
02/05/2017
load caja from iframes and load the caja lib ones in window.parent.caja
thank you Kevin Reid! that did the the trick :) On Tuesday, May 2, 2017 at 11:50:02 PM UTC+7, Kevin
não lida,
load caja from iframes and load the caja lib ones in window.parent.caja
thank you Kevin Reid! that did the the trick :) On Tuesday, May 2, 2017 at 11:50:02 PM UTC+7, Kevin
02/05/2017
o x
,
Kevin Reid
6
02/05/2017
how to unescape the content of guest before run?
ok thank you On Tuesday, May 2, 2017 at 11:17:54 PM UTC+7, Kevin Reid wrote: You'll have to
não lida,
how to unescape the content of guest before run?
ok thank you On Tuesday, May 2, 2017 at 11:17:54 PM UTC+7, Kevin Reid wrote: You'll have to
02/05/2017
felbus
,
Kevin Reid
3
19/04/2017
allow base64 data uri
ok thanks, ill take a look.. On Monday, 17 April 2017 17:46:01 UTC+1, Kevin Reid wrote: On Mon, Apr
não lida,
allow base64 data uri
ok thanks, ill take a look.. On Monday, 17 April 2017 17:46:01 UTC+1, Kevin Reid wrote: On Mon, Apr
19/04/2017
felbus
,
Kevin Reid
3
15/04/2017
Allow full display and interaction with Html Emails
yep, that worked, thanks On Friday, 14 April 2017 18:05:58 UTC+1, Kevin Reid wrote: On Fri, Apr 14,
não lida,
Allow full display and interaction with Html Emails
yep, that worked, thanks On Friday, 14 April 2017 18:05:58 UTC+1, Kevin Reid wrote: On Fri, Apr 14,
15/04/2017
Vinod Patel
,
Kevin Reid
2
13/04/2017
Add third party scripts to guest code.
On Thu, Apr 13, 2017 at 4:39 AM, Vinod Patel <vinodpa...@gmail.com> wrote: is it possible
não lida,
Add third party scripts to guest code.
On Thu, Apr 13, 2017 at 4:39 AM, Vinod Patel <vinodpa...@gmail.com> wrote: is it possible
13/04/2017
Tapan Anand
,
Kevin Reid
3
23/03/2017
Do iframes with src still work in Caja?
Awesome! Thanks :) On Thursday, 23 March 2017 21:30:20 UTC+5:30, Kevin Reid wrote: On Thu, Mar 23,
não lida,
Do iframes with src still work in Caja?
Awesome! Thanks :) On Thursday, 23 March 2017 21:30:20 UTC+5:30, Kevin Reid wrote: On Thu, Mar 23,
23/03/2017
Mike Stay
, …
David Bruant
3
17/03/2017
Does ECMAScript2015's "import" keyword provide ambient authority to the filesystem?
Le 17/03/2017 à 03:57, 'Mark S. Miller' via Google Caja Discuss a écrit : [+lots] The current
não lida,
Does ECMAScript2015's "import" keyword provide ambient authority to the filesystem?
Le 17/03/2017 à 03:57, 'Mark S. Miller' via Google Caja Discuss a écrit : [+lots] The current
17/03/2017
Mike Stay
2
06/10/2016
Example code for SES?
Accidentally hit send. On Thu, Oct 6, 2016 at 2:53 PM, Mike Stay <meta...@gmail.com> wrote:
não lida,
Example code for SES?
Accidentally hit send. On Thu, Oct 6, 2016 at 2:53 PM, Mike Stay <meta...@gmail.com> wrote:
06/10/2016
Kevin Reid
01/06/2016
Caja security advisory 2016-05-31
## Background For applications which used the Google API tamings (not enabled by default), the taming
não lida,
Caja security advisory 2016-05-31
## Background For applications which used the Google API tamings (not enabled by default), the taming
01/06/2016
re...@codereview-hr.appspotmail.com
,
fel...@gmail.com
2
31/05/2016
Update Selenium to 2.53.0. (issue 300240043 by kpreid@google.com)
lgtm https://codereview.appspot.com/300240043/
não lida,
Update Selenium to 2.53.0. (issue 300240043 by kpreid@google.com)
lgtm https://codereview.appspot.com/300240043/
31/05/2016
re...@codereview-hr.appspotmail.com
,
eri...@gmail.com
2
27/05/2016
Fix ses.funcLike protection against non-identifier names. (issue 301810043 by kpreid@google.com)
LGTM https://codereview.appspot.com/301810043/
não lida,
Fix ses.funcLike protection against non-identifier names. (issue 301810043 by kpreid@google.com)
LGTM https://codereview.appspot.com/301810043/
27/05/2016
Lukas Bombach
,
Kevin Reid
4
26/05/2016
Can Caja still be used in production?
On Tue, May 24, 2016 at 3:48 AM, 'Lukas Bombach' via Google Caja Discuss <google-caja-
não lida,
Can Caja still be used in production?
On Tue, May 24, 2016 at 3:48 AM, 'Lukas Bombach' via Google Caja Discuss <google-caja-
26/05/2016
Kevin Reid
02/05/2016
Re: [Caja] How to pass HTML/JS data from DB to caja
On Sat, Apr 30, 2016 at 2:44 PM, eqSan <mehra...@gmail.com> wrote: I'm trying to call
não lida,
Re: [Caja] How to pass HTML/JS data from DB to caja
On Sat, Apr 30, 2016 at 2:44 PM, eqSan <mehra...@gmail.com> wrote: I'm trying to call
02/05/2016