Search completed in 0.98 seconds.
WindowOrWorkerGlobalScope.crossOriginIsolated - Web APIs
the crossorigin
isolated read-only property of the windoworworkerglobalscope interface returns a boolean value that indicates whether a sharedarraybuffer can be sent via a window.postmessage() call.
... syntax var mycrossorigin
isolated = self.crossorigin
isolated; // or just crossorigin
isolated value a boolean value examples if(crossorigin
isolated) { // post sharedarraybuffer } else { // do something else } specifications specification status comment html living standardthe definition of 'crossorigin
isolated' in that specification.
MediaStreamTrack - Web APIs
mediastreamtrack.
isolated read only returns a boolean value which is true if the track is
isolated; that is, the track cannot be accessed by the document that owns the mediastreamtrack.
... isolationchange sent whenever the value of the
isolated property changes due to the document gaining or losing permission to access the track.
... specifications specification status comment identity for webrtcthe definition of '
isolated tracks' in that specification.
... candidate recommendation additional properties for
isolated track support media capture and streamsthe definition of 'mediastreamtrack' in that specification.
Components.utils.Sandbox
passing a content window object, setting wantxrays:true (default) and using an extended principal provides a clean,
isolated execution environment in which javascript code that needs web apis (such as accessing the window's dom) can be executed without interference from untrusted content code.
...true provides a safer,
isolated context.
Virtualenv
virtualenv tools virtualenv does one thing well: creates
isolated virtual environments of python packages.
...here are a few such tools: carton: make a self-extracting virtualenv from directories or urls of packages; http://pypi.python.org/pypi/carton velcro: a script that sets up a python project for local installation; https://bitbucket.org/kumar303/velcro/ virtualenvwrapper: a set of extensions to ian bicking’s virtualenv tool for creating
isolated python development environments; http://www.doughellmann.com/projects...tualenvwrapper the mozilla-central virtualenv in order to make use of various python modules located throughout mozilla-central, a virtualenv is created as part of the build process: http://mxr.mozilla.org/mozilla-central/source/js/src/build/autoconf/python-virtualenv.m4 .
MediaStreamConstraints - Web APIs
streams
isolated in this way can only be displayed in a media element (<audio> or <video>) where the content is protected just as if cors cross-origin rules were in effect.
... when a peer identity is set, mediastreamtracks from that peer have their
isolated flag set to true.
RTCPeerConnection - Web APIs
isolationchange sent to the rtcpeerconnection when the
isolated property on one of the mediastreamtrack objects associated with the connection changes value.
... a track is
isolated if its content cannot be accessed by the owning document due to lack of authentication or if the track comes from a cross-origin source.
window.postMessage() - Web APIs
secure shared memory messaging if postmessage() throws when used with sharedarraybuffer objects, you might need to make sure you cross-site
isolated your site properly.
...is gated behind two http headers: cross-origin-opener-policy with same-origin as value (protects your origin from attackers) cross-origin-embedder-policy with require-corp as value (protects victims from your origin) cross-origin-opener-policy: same-origin cross-origin-embedder-policy: require-corp to check if cross origin isolation has been successful, you can test against the crossorigin
isolated property available to window and worker contexts: if (crossorigin
isolated) { // post sharedarraybuffer } else { // do something else } see also planned changes to shared memory which is starting to roll out to browsers (firefox 79, for example).
Planned changes to shared memory - JavaScript
to avoid having to check whether postmessage() throws, self.crossorigin
isolated is being standardized (a getter that returns a boolean; true if the headers are set), available in window and worker contexts.
... postmessage() changes and self.crossorigin
isolated: whatwg/html issue #4732, whatwg/html issue #4872, draft specification.
arabic-form - SVG: Scalable Vector Graphics
only one element is using this attribute: <glyph> context notes value initial | medial | terminal |
isolated default value
isolated animatable no initial this value indicates that the glyph represents the initial form.
...
isolated this value indicates that the glyph represents the
isolated form.
MMgc - Archive of obsolete content
in practice this means: setting a property on an object to another object (creating an arch in the reachabilty graph) native code that writes a pointer to a gc object into another gc object writing an object to a gc root 1 and 2 are pretty well
isolated.
The Joy of XUL - Archive of obsolete content
while such changes are extensive and affect most (if not all) of the application, they are also
isolated from one another, enabling the core xul definition and application logic to be shared among all of the custom versions.
Limitations of frame scripts
security restrictions on file access processes that host remote content are
isolated from the local system through a content security sandbox.
Gecko Profiler FAQ
for
isolated profiles i recommend profiling a separate browser instance with only the tab that you’re interested in.
SpiderMonkey 1.8.5
multithreaded programs are allowed, but each thread must operate on objects in a separate compartment,
isolated from the other threads.
nsIXPConnect
return value missing description exceptions thrown missing exception missing description native code only!evalinsandboxobject evaluate script in a sandbox, completely
isolated from all other running scripts.
MediaRecorder.onerror - Web APIs
this also happens when a mediastreamtrack within the stream is marked as
isolated due to the peeridentity constraint on the source stream.
MediaRecorder.start() - Web APIs
this also happens when a mediastreamtrack within the stream is marked as
isolated due to the peeridentity constraint on the source stream.
WindowOrWorkerGlobalScope - Web APIs
windoworworkerglobalscope.crossorigin
isolated read only returns a boolean value that indicates whether a sharedarraybuffer can be sent via a window.postmessage() call.
Resource URLs - HTTP
resources that have to be exposed to web content have been moved to a new location named resource://content-accessible/, which is
isolated and only contains non-sensitive resources.
CSP: trusted-types - HTTP
this allows authors to define rules guarding writing values to the dom and thus reducing the dom xss attack surface to small,
isolated parts of the web application codebase, facilitating their monitoring and code review.
Cross-Origin-Embedder-Policy - HTTP
to check if cross origin isolation has been successful, you can test against the crossorigin
isolated property available to window and worker contexts: if (crossorigin
isolated) { // post sharedarraybuffer } else { // do something else } avoiding coep blockage with cors if you enable coep using require-corp and have a cross origin resource that needs to be loaded, it needs to support cors and you need to explicitly mark the resource as loadable from another origin to avoid blockage from coe...
Cross-Origin-Opener-Policy - HTTP
to check if cross-origin isolation has been successful, you can test against the crossorigin
isolated property available to window and worker contexts: if (crossorigin
isolated) { // post sharedarraybuffer } else { // do something else } specifications specification html living standardthe definition of 'cross-origin-opener-policy header' in that specification.
HTTP Index - HTTP
this allows authors to define rules guarding writing values to the dom and thus reducing the dom xss attack surface to small,
isolated parts of the web application codebase, facilitating their monitoring and code review.
JavaScript modules - JavaScript
a background on modules javascript programs started off pretty small — most of its usage in the early days was to do
isolated scripting tasks, providing a bit of interactivity to your web pages where needed, so large scripts were generally not needed.
SharedArrayBuffer - JavaScript
o cross-origin isolate your site: cross-origin-opener-policy with same-origin as value (protects your origin from attackers) cross-origin-embedder-policy with require-corp as value (protects victims from your origin) cross-origin-opener-policy: same-origin cross-origin-embedder-policy: require-corp to check if cross origin isolation has been successful, you can test against the crossorigin
isolated property available to window and worker contexts: if (crossorigin
isolated) { // post sharedarraybuffer } else { // do something else } see also planned changes to shared memory which is starting to roll out to browsers (firefox 79, for example.) always use the new operator to create a sharedarraybuffer sharedarraybuffer constructors are required to be constructed with a new operator.