 | JavaScript | |||
|---|---|---|---|---|
| Prev | Home | Up | Next |
The data-tainting model was implemented in Netscape 3 but deprecated by version 4. It was never implemented in MSIE.
Rather than prevent access to data in other parts of the browser space, it allows full access even to private data. However, that access marked the data as tainted and any values that were derived from it were also tainted. Tainted data values could not be sent back to the server and in fact were not permitted to leave the client.
These capabilities were not used very much in production systems and have now been superseded by the signed scripts and privilege model.
| See also: | Restricted access, Security policy, Signed scripts |
| Prev | Home | Next |
| Data Type | Up | database object |
JavaScript Programmer's Reference, Cliff Wootton Wrox Press (www.wrox.com) Join the Wrox JavaScript forum at p2p.wrox.com Please report problems to support@wrox.com © 2001 Wrox Press. All Rights Reserved. Terms and conditions. | ||