1252 Part V . Putting JavaScript to Work (Medical web site)
Friday, November 30th, 20071252 Part V . Putting JavaScript to Work Because NN4 s security alerts provided (at times excruciating) detail about the nature of the privilege being requested by the Web site, targets had various risk lev els and categories. These concerns are less of an issue in NN6, but they are pro vided here for your more complete understanding of the mechanisms beneath the Privilege Manager. Each target has associated with it a risk level (low, medium, or high) and two plain-language descriptions about the kinds of actions the target exposes to code. This information appears in the NN4 security privilege dialog box that faces a user the first time a particular signature requests privileges. All of the targets related to scripted access are medium or high risk, because they tend to open up local hard disk files and browser settings. Netscape has produced two categories of targets: primitive and macro. A primi tive target is the most limited target type. It usually confines itself to either reading or writing of a particular kind of data, such as a local file or browser preference. A macro target usually combines two or more primitive targets into a single target to simplify the user experience when your scripts require multiple kinds of access. For example, if your script must both read and write a local file, it could request privi leges for each direction, but the user would be presented with a quick succession of two similar-looking security dialog boxes. Instead, you can use a macro target that combines both reading and writing into the privilege. The user sees one secu rity dialog box, which, in NN4, explains that the request is for both read and write access to the local hard disk. Likely targets for scripted access include a combination of primitive and macro targets. Table 46-1 shows the most common script-related targets and the informa tion that appears in the security dialog box. For each call to netscape.security.PrivilegeManager.enablePrivilege(), you specify a single target name as a string, as in netscape.security.PrivilegeManager.enablePrivilege( UniversalBrowserRead ) This specification allows you to enable, revert, and disable individual privileges as required in your script. Table 46-1 Scripting-Related Privilege Targets Target Name Risk Short Description Long Description UniversalBrowserAccess High Reading or modifying browser data Reading or modifying browser data that may be considered private, such as a list of Web sites visited or the contents of Web forms you may have filled in. Modifications may also include creating windows that look like they belong to another program or positioning windows anywhere on the screen.
We recommend you use shared web hosting services, because many users agree that it is cheap, reliable and customer-satisfying webhost.