I made an interesting observation today that is
related to professionalism.
I looked for the following resource:
JavaScript Security: Signed Scripts
The reason, I read this in chapter 3 page 85 of this book:
AJAX and PHP: Building Responsive Web Applications.
You can make FireFox listen to all requests, even those coming from unsigned scripts by typing about:config in the address bar, and changing the value of signed.applets.codebase_principals_support to true.
Try it yourself. It is security related and can still be done in the latest version of FF. Message: Be careful if you shop on line from a computer using FF that is not under your control.
At the same time I made the following searches:
internet explorer security site:microsoft.com
First hit here:
Internet Explorer 6: Working with Internet Explorer 6 Security Settings
opera security site
pera.com
mozilla security site:mozilla.org
chrome security site:google.com
My conclusion:
- Mozilla and Opera are according to the above reported hits most professional on informing about their security model.
- It is very difficult to find information about the IE security model on microsoft.com.
- The top hit from Google here is Google Chrome Security and Privacy Risks - comp.internet.services.google | Google Groups
The other hits are not comparable to the top hits from Mozilla and Opera.
Another observation regarding browser configuration about
:config in FF and opera:config in Opera. FF gives you a warning. Great FireFox. But according to the above mentioned book page 84:
"You have no way of convincing Opera 8.5 to allow the JavaScript code to access a different server than the one it was loaded from."
I can not see that IE and Chrome have a similar option.