thr3ads.net - Rails spinoffs - Will Firefox 3 Break Prototype? [May 2008]

If this information is useful, please help other people find it:
Share via:

Marty Hall

2008-May-29 21:45 UTC

Will Firefox 3 Break Prototype?

According to http://ejohn.org/blog/re-securing-json/ and
http://www.mozilla.com/en-US/firefox/3.0rc1/releasenotes/#whatsnew,
Firefox 3 will prohibit changes to global objects like Array. Does
this mean that Prototype and Scriptaculous will not work in Firefox 3?
Or did I misunderstand the new Firefox 3 security rules?

Cheers-

                  - Marty
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Spinoffs" group.
To post to this group, send email to
rubyonrails-spinoffs-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-spinoffs-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-spinoffs?hl=en
-~----------~----~----~----~------~----~------~--~---

Andrew Kaspick

2008-May-29 21:50 UTC

head link

Re: Will Firefox 3 Break Prototype?

They don''t redefine those objects, they extend them.

On 5/29/08, Marty Hall
<javahacker-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:>
>  According to http://ejohn.org/blog/re-securing-json/ and
>  http://www.mozilla.com/en-US/firefox/3.0rc1/releasenotes/#whatsnew,
>  Firefox 3 will prohibit changes to global objects like Array. Does
>  this mean that Prototype and Scriptaculous will not work in Firefox 3?
>  Or did I misunderstand the new Firefox 3 security rules?
>
>  Cheers-
>
>                   - Marty
>  >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Spinoffs" group.
To post to this group, send email to
rubyonrails-spinoffs-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-spinoffs-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-spinoffs?hl=en
-~----------~----~----~----~------~----~------~--~---

T.J. Crowder

2008-Jun-01 09:41 UTC

head link

Re: Will Firefox 3 Break Prototype?

Marty -

Did you download a nightly and try it?
--
T.J. Crowder
tj / crowder software / com

On May 29, 10:45 pm, Marty Hall
<javahac...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:> According
tohttp://ejohn.org/blog/re-securing-json/andhttp://www.mozilla.com/en-US/firefox/3.0rc1/releasenotes/#whatsnew,
> Firefox 3 will prohibit changes to global objects like Array. Does
> this mean that Prototype and Scriptaculous will not work in Firefox 3?
> Or did I misunderstand the new Firefox 3 security rules?
>
> Cheers-
>
>                   - Marty--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Spinoffs" group.
To post to this group, send email to
rubyonrails-spinoffs-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-spinoffs-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-spinoffs?hl=en
-~----------~----~----~----~------~----~------~--~---

Andy Koch

2008-Jun-02 15:46 UTC

head link

Re: Will Firefox 3 Break Prototype?

My experience with FireFox3 with an AJAX exclusive web app was the
Proto/Script worked ok, but FireBug was not ready.  That was maybe 2
months ago so FireBug might be game-day ready now.

On Jun 1, 2:41 am, "T.J. Crowder"
<tjcrow...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:> Marty -
>
> Did you download a nightly and try it?
> --
> T.J. Crowder
> tj / crowder software / com
>
> On May 29, 10:45 pm, Marty Hall
<javahac...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
> > According
tohttp://ejohn.org/blog/re-securing-json/andhttp://www.mozilla.com/en-U...,
> > Firefox 3 will prohibit changes to global objects like Array. Does
> > this mean that Prototype and Scriptaculous will not work in Firefox 3?
> > Or did I misunderstand the new Firefox 3 security rules?
>
> > Cheers-
>
> >                   - Marty--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Spinoffs" group.
To post to this group, send email to
rubyonrails-spinoffs-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-spinoffs-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-spinoffs?hl=en
-~----------~----~----~----~------~----~------~--~---

Justin Perkins

2008-Jun-02 15:52 UTC

head link

Re: Will Firefox 3 Break Prototype?

On Mon, Jun 2, 2008 at 10:46 AM, Andy Koch
<public-ybbjITnzjhesTnJN9+BGXg@public.gmane.org>
wrote:> so FireBug might be game-day ready now.
I don''t know about game-day ready, but it''s a lot better than
it was 2
months ago.

-justin

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Spinoffs" group.
To post to this group, send email to
rubyonrails-spinoffs-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-spinoffs-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-spinoffs?hl=en
-~----------~----~----~----~------~----~------~--~---

Andrew Dupont

2008-Jun-02 22:18 UTC

head link

Re: Will Firefox 3 Break Prototype?

Prototype adds methods to Array.prototype. It doesn''t override the
Array() function itself (which is a theoretical attack vector for a
JSON exploit). Permissive JS environments allow anyone to redefine any
function, even constructors for basic data types — but Firefox 3 will
no longer allow redefinition of those constructors.

This doesn''t affect Prototype at all. Also, it should be noted that
the class system proposed for JS2/ES4 will likely harden all "native"
functions in a similar manner. (Classes themselves are immutable, but
still have prototypes behind them, so that you can add new things but
not redefine what already exists.)

Cheers,
Andrew

On May 29, 4:45 pm, Marty Hall
<javahac...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:> According
tohttp://ejohn.org/blog/re-securing-json/andhttp://www.mozilla.com/en-US/firefox/3.0rc1/releasenotes/#whatsnew,
> Firefox 3 will prohibit changes to global objects like Array. Does
> this mean that Prototype and Scriptaculous will not work in Firefox 3?
> Or did I misunderstand the new Firefox 3 security rules?
>
> Cheers-
>
>                   - Marty--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Spinoffs" group.
To post to this group, send email to
rubyonrails-spinoffs-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-spinoffs-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-spinoffs?hl=en
-~----------~----~----~----~------~----~------~--~---

Rails spinoffs - May 2008 - Will Firefox 3 Break Prototype?

Will Firefox 3 Break Prototype?

Re: Will Firefox 3 Break Prototype?

Re: Will Firefox 3 Break Prototype?

Re: Will Firefox 3 Break Prototype?

Re: Will Firefox 3 Break Prototype?

Re: Will Firefox 3 Break Prototype?