I know it is stupid. I know browsers have this capability built in. I
know. I know. I know.
Still, is there a way to use javascript to enforce the same type of
cross-domain blocking that browsers implement, on pages from the same
server?
Let's say that I have several different pages on the same server - same
domain - but are authored by different people. I want to make sure that
one page cannot be used to see or manipulate another page on the same
server and domain - even if one page loads another in a frame.
Again, I know that this has been done in browsers for different domains.
My need is slightly different in that I want to prevent cross-page
scripting in the same domain on the same server without turning off
javascript completely.
Any help would be greatly appreciated.
jim
know. I know. I know.
Still, is there a way to use javascript to enforce the same type of
cross-domain blocking that browsers implement, on pages from the same
server?
Let's say that I have several different pages on the same server - same
domain - but are authored by different people. I want to make sure that
one page cannot be used to see or manipulate another page on the same
server and domain - even if one page loads another in a frame.
Again, I know that this has been done in browsers for different domains.
My need is slightly different in that I want to prevent cross-page
scripting in the same domain on the same server without turning off
javascript completely.
Any help would be greatly appreciated.
jim
Comment