Search Type: Posts; User: Belgabor

Page 1 of 5 1 2 3 4

Search: Search took 0.03 seconds.

  1. I currently don't need it and other things are more pressing, but looking at the source of Provider/CookieProvider this should be pretty straightforward and easy to implement. Provider already...
  2. I haven't looked into state presistence yet, but from a quick glance into the docs I guess you don't need to change state.Manager, you "only" have to implement a state.Provider decendant that stores...
  3. Replies
    15
    Views
    8,016
    Any news?

    I guess a lot of people are interested in this, so why not make it a SourceForge project?
  4. It seems to be a problem with the size recalculation. I just noticed that the error reappears if I resize the viewport (after 'fixing' it with a tab switch).
  5. You guys could have a look at my AjaxForm class (shown on my page in my signature). It stems from pre-ext-form times, so it does currently not enhance/modify Ext.form.Form, but I plan to merge it in...
  6. Replies
    37
    Views
    12,282
    Personally I think it all comes up to the usage model of the app. Iframe pages eat more memory (which could be optimizied by a modularized injection approach) but can be discarded leakfree (at least...
  7. Replies
    34
    Views
    10,158
    Your reworked example lacks a DOCTYPE, therefore it's not possible to judge it's validity ;)
  8. Really? :))
    =D> Microsoft
  9. Out of curiosity, is there a compelling reason not to use a data uri for the BLANK_IMAGE_URL in the ext distribution? I guess there are still a lot of people that forget to change this and wonder why...
  10. Replies
    37
    Views
    12,282
    I don't think this saves memory, it just reduces load time. Things are imported from the mom page, but have to be injected into the child, where they take up the same amount of memory as if they were...
  11. Good question. I didn't follow the forums closely and just spotted beta2 at the old place, so I missed the release ^^'
    I'll check with 1.0 asap.
    Edit: Same problem in 1.0.
  12. Yes, as written on the about page =)
    The page will be out-of-order for about half an hour as I upgrade it to beta2. Most likely the URL will change afterwards.
  13. Replies
    6
    Views
    1,840
    Well, as soon as you have more than 1 column, you have a column change (ok, maybe I should have worded it differently). To rephrase: Some examples have more than one fieldset per column, but none has...
  14. Replies
    7
    Views
    3,448
    Fixed in beta2. Thanks a lot!
  15. Replies
    6
    Views
    1,840
    He asked for a column change inside a fieldset, none of that is in the example ;)
  16. Hi people,

    I've upgraded to beta2 (from beta1) yesterday and now suffer from a strange display bug(?) in FireFox 2(.0.0.3 linux). It worked in beta1. It also works (now) in Opera 9.2

    Edit: I've...
  17. Replies
    46
    Views
    17,940
    I thought of the json JS lib available from json.org. It also uses eval, but does a bit more to protect you from harmful code in the response. Alas by design it does not (and cannot) protect from...
  18. Replies
    46
    Views
    17,940
    Jeff, I think the problem might be that if you add the capture code, the error might be thrown too late, ie the capture is already done then. I haven't checked this though.
    Also I think it was first...
  19. Replies
    46
    Views
    17,940
    Personally I think only JSON is the problem, not eval (at least not as the function you write it in your JS code) as you cannot circumvent the attack by using a JS JSON decoder that doesn't use eval....
  20. Replies
    46
    Views
    17,940
    No, it's not. The point is that an attacker's website (where the victim has to be lured to) poses as the legitimate application and circumvents the on-host policy with a script tag. Normally this...
  21. Replies
    46
    Views
    17,940
    Are you sure? The line can be perfectly secure, but in this case the endpoint is compromised.

    As I understand it for this case, SSL would be like having a mobile phone with a secure line. This...
  22. Replies
    46
    Views
    17,940
    I currently think it is an issue, even if you use SSL. Depends on how browsers handle https in cross-site script tags in relation to the page containing them being http/https with a different...
  23. Replies
    46
    Views
    17,940
    Could somebody please read the paper and confirm for sure that this really isn't an issue if you use SSL? If I understood correctly it is not an injection method, it's more similar to an "automated"...
  24. Replies
    46
    Views
    17,940
    Edit: I think I got now how it's supposed to work. It requires that the browser sends the cookies for the site in the script tag's href with it and that those cookies include a valid session id. I...
  25. Replies
    46
    Views
    17,940
    Yes and no. Part of their recommendations is it to make the 'bare' JSON response non-evalable by adding JS "kill" instructions (comments or prepending 'while(1);'). As Ext evals JSON responses...
Results 1 to 25 of 119
Page 1 of 5 1 2 3 4