Followup on the eValid Same Origin Policy thread

Discussion of the technology underlying the eValid solution.

Followup on the eValid Same Origin Policy thread

Postby PercyR » Wed Mar 08, 2017 1:34 pm

Afternoon.

I'm intrigued with a forum post i read earlier on this technology forum thread.

Why does eValid's architecture avoids conflict with the "same origin" policy?

Thanks
PercyR
 
Posts: 1
Joined: Wed Mar 08, 2017 1:30 pm

Re: Followup on the eValid Same Origin Policy thread

Postby eValid » Thu Mar 09, 2017 2:31 pm

PercyR wrote:Afternoon.

I'm intrigued with a forum post i read earlier on this technology forum thread.

Why does eValid's architecture avoids conflict with the "same origin" policy?

Thanks


Thanks for asking PercyR

On this we have to be careful not to reveal some of the proprietary details of the eValid solution, but up to those limits here is the story.

eValid actually binds a complete browser in a kind of "control wrapper" for which the constraints of the same-origin policy don't apply because commands executed by evalid, and run by the browser API, don't have to check whether the requested action originated from the same website as the script parent.

Further, this is not a COM interface, which would make eValid executions dependent on each browser face having space on the Windows DeskTop.

We think of this as "direct execution of API commands" whereas excuting JavaScript is "implicit execution" and from the Desktops as "indirect execution".

Some of this same kind of thinking is incorporated in the forthcoming WebDrive W3C standard interface.

-- eValid Support
eValid
 
Posts: 2392
Joined: Tue Jan 01, 2008 12:48 pm
Location: USA


Return to Technology

Design Downloaded from free phpBB templates | free website templates | Free Web Buttons