Re: URI-scheme for bitcoin

Quote from: lachesis on June 16, 2010, 06:14:05
I think you’re misunderstanding the issue. My browser will always be able to go to 127.0.0.1 (barring some strange IE settings or a virus). If I type the address into the URL bar or click a link, it will work fine. However, it isn’t possible to use Javascript to complete POST requests between domains (or ports on the same domain).

That’s what I thought too.

Quote from: sirius-m on June 16, 2010, 08:26:14
Yeah, I meant to say that cross-domain javascript calls are forbidden, so you can’t call 127.0.0.1 from a javascript that doesn’t reside in 127.0.0.1. Come to think of it, it would be quite funny if browsers allowed malicious cross-domain javascript to change people’s Facebook pages etc.

Now I’m hearing a report that it IS possible for javascript to do a cross-domain POST request to 127.0.0.1.  Not other domains, but just specifically to that one.  Great…

If this is the case, then do not use the -server switch or bitcoind on a system where you do web browsing.

I’ll get started on adding the password field.

37,709 total views, 6 views today

https://bitcointalk.org/index.php?topic=55.msg4008#msg4008