The Mozilla docs on JavaScript security give a hint of hope that signed scripts will work around the cross-domain script exclusions that all good browsers enforce. But an item at DevArticles.com throws water on the idea:
Signed scripts are primarily useful in an intranet environment; they’re not so useful on the Web in general. To see [...]

Posted September 20, 2005 by Casey Bisson
Categories: Libraries & Networked Information, Technology. Tags: cross domain, cross domain script exclusion, cross domain scripting, internet security, intranet environment, javascript, javascript security, mozilla, security, security components, signed script, signed scripts, web scripting, web security, xdomain, xmlhttprequest. One Comment.

I have plans to apply AJAX to our library catalog but I’m running into a problem where I can’t do XMLHttpRequest events to servers other than the one I loaded the main webpage from. Mozilla calls it the “same origin policy,” everyone else calls it a cross-domain script exclusion, or something like that.
Some Mozilla folks [...]

Posted September 19, 2005 by Casey Bisson
Categories: Libraries & Networked Information, Technology. Tags: ajax, apple, browser security, browsers, cross domain, cross domain script exclusion, frustration, iframe, javascript, mozilla, remote scripting, web application, web applications, xdomain, xmlhttprequest. 5 Comments.