Search:

Type: Posts; User: Belgabor

Page 1 of 6 1 2 3 4

Search: Search took 0.01 seconds.

  1. Replies
    5
    Views
    2,596

    I currently don't need it and other things are...

    I currently don't need it and other things are more pressing, but looking at the source of Provider/CookieProvider this should be pretty straightforward and easy to implement. Provider already...
  2. Replies
    5
    Views
    2,596

    I haven't looked into state presistence yet, but...

    I haven't looked into state presistence yet, but from a quick glance into the docs I guess you don't need to change state.Manager, you "only" have to implement a state.Provider decendant that stores...
  3. Replies
    15
    Views
    8,788

    Any news? I guess a lot of people are...

    Any news?

    I guess a lot of people are interested in this, so why not make it a SourceForge project?
  4. Replies
    5
    Views
    1,739

    It seems to be a problem with the size...

    It seems to be a problem with the size recalculation. I just noticed that the error reappears if I resize the viewport (after 'fixing' it with a tab switch).
  5. You guys could have a look at my AjaxForm class...

    You guys could have a look at my AjaxForm class (shown on my page in my signature). It stems from pre-ext-form times, so it does currently not enhance/modify Ext.form.Form, but I plan to merge it in...
  6. Replies
    37
    Views
    12,936

    Personally I think it all comes up to the usage...

    Personally I think it all comes up to the usage model of the app. Iframe pages eat more memory (which could be optimizied by a modularized injection approach) but can be discarded leakfree (at least...
  7. Replies
    34
    Views
    11,923

    Your reworked example lacks a DOCTYPE, therefore...

    Your reworked example lacks a DOCTYPE, therefore it's not possible to judge it's validity ;)
  8. Replies
    3
    Views
    1,564

    Really? :)) =D> Microsoft

    Really? :))
    =D> Microsoft
  9. Replies
    3
    Views
    1,564

    BLANK_IMAGE_URL, why not a data URI?

    Out of curiosity, is there a compelling reason not to use a data uri for the BLANK_IMAGE_URL in the ext distribution? I guess there are still a lot of people that forget to change this and wonder why...
  10. Replies
    37
    Views
    12,936

    I don't think this saves memory, it just reduces...

    I don't think this saves memory, it just reduces load time. Things are imported from the mom page, but have to be injected into the child, where they take up the same amount of memory as if they were...
  11. Replies
    5
    Views
    1,739

    Good question. I didn't follow the forums closely...

    Good question. I didn't follow the forums closely and just spotted beta2 at the old place, so I missed the release ^^'
    I'll check with 1.0 asap.
    Edit: Same problem in 1.0.
  12. Replies
    5
    Views
    1,739

    Yes, as written on the about page =) The page...

    Yes, as written on the about page =)
    The page will be out-of-order for about half an hour as I upgrade it to beta2. Most likely the URL will change afterwards.
  13. Replies
    6
    Views
    2,034

    Well, as soon as you have more than 1 column, you...

    Well, as soon as you have more than 1 column, you have a column change (ok, maybe I should have worded it differently). To rephrase: Some examples have more than one fieldset per column, but none has...
  14. Replies
    7
    Views
    3,716

    Fixed in beta2. Thanks a lot!

    Fixed in beta2. Thanks a lot!
  15. Replies
    6
    Views
    2,034

    He asked for a column change inside a fieldset,...

    He asked for a column change inside a fieldset, none of that is in the example ;)
  16. Replies
    5
    Views
    1,739

    Display problems in FF2 since beta2

    Hi people,

    I've upgraded to beta2 (from beta1) yesterday and now suffer from a strange display bug(?) in FireFox 2(.0.0.3 linux). It worked in beta1. It also works (now) in Opera 9.2

    Edit: I've...
  17. Replies
    46
    Views
    19,752

    I thought of the json JS lib available from...

    I thought of the json JS lib available from json.org. It also uses eval, but does a bit more to protect you from harmful code in the response. Alas by design it does not (and cannot) protect from...
  18. Replies
    46
    Views
    19,752

    Jeff, I think the problem might be that if you...

    Jeff, I think the problem might be that if you add the capture code, the error might be thrown too late, ie the capture is already done then. I haven't checked this though.
    Also I think it was first...
  19. Replies
    46
    Views
    19,752

    Personally I think only JSON is the problem, not...

    Personally I think only JSON is the problem, not eval (at least not as the function you write it in your JS code) as you cannot circumvent the attack by using a JS JSON decoder that doesn't use eval....
  20. Replies
    46
    Views
    19,752

    No, it's not. The point is that an attacker's...

    No, it's not. The point is that an attacker's website (where the victim has to be lured to) poses as the legitimate application and circumvents the on-host policy with a script tag. Normally this...
  21. Replies
    46
    Views
    19,752

    Are you sure? The line can be perfectly secure,...

    Are you sure? The line can be perfectly secure, but in this case the endpoint is compromised.

    As I understand it for this case, SSL would be like having a mobile phone with a secure line. This...
  22. Replies
    46
    Views
    19,752

    I currently think it is an issue, even if you use...

    I currently think it is an issue, even if you use SSL. Depends on how browsers handle https in cross-site script tags in relation to the page containing them being http/https with a different...
  23. Replies
    46
    Views
    19,752

    Could somebody please read the paper and confirm...

    Could somebody please read the paper and confirm for sure that this really isn't an issue if you use SSL? If I understood correctly it is not an injection method, it's more similar to an "automated"...
  24. Replies
    46
    Views
    19,752

    Edit: I think I got now how it's supposed to...

    Edit: I think I got now how it's supposed to work. It requires that the browser sends the cookies for the site in the script tag's href with it and that those cookies include a valid session id. I...
  25. Replies
    46
    Views
    19,752

    Yes and no. Part of their recommendations is it...

    Yes and no. Part of their recommendations is it to make the 'bare' JSON response non-evalable by adding JS "kill" instructions (comments or prepending 'while(1);'). As Ext evals JSON responses...
Results 1 to 25 of 140
Page 1 of 6 1 2 3 4