[Project_owners] [OT] Some help needed

eric.jung at yahoo.com eric.jung at yahoo.com
Tue Feb 13 11:54:30 PST 2007

I understand now.

You can "extend the syntax" of the <form/> tag by checking the DOM in your extension after a POST/GET for <form/> elements which have attributes of security="openpgpgsigned". You can do this either with the DOM API or XPath. DOM API example:

var forms = document.getElementsByTagName("FORM");
for (var i in forms) {
  if ("OPENPGPSIGNED" == forms[i].getAttribute("SECURITY").toUpperCase()) {
    // do stuff

----- Original Message ----
From: Arturo 'Buanzo' Busleiman <buanzo at buanzo.com.ar>
To: Mozdev Project Owners List <project_owners at mozdev.org>
Sent: Tuesday, February 13, 2007 2:14:30 PM
Subject: Re: [Project_owners] [OT] Some help needed

Hash: SHA1

eric.jung at yahoo.com wrote:
> I'm not sure what your actual question is?

There is no definite question. I'm looking for a coding partner that would like to help out to
implement one specific need of the project. Enigform currently detects which POST requests should be
signed by checking if the first field in the payload is "__ENIGFORM=ToBeSigned&". That's a horrible
approach. I want to extend the syntax of the <FORM> tag definition by adding a
SECURITY="OpenPGPSigned" parameter, INSTEAD of a hidden field, so Enigform does not need to inspect
each POSTs payload.

Sorry if my English is not good enough to make myself clear.


- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
Mail Hosting Seguro y Consultoria - http://www.buanzo.com.ar/pro/
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

Project_owners mailing list
Project_owners at mozdev.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mozdev.org/pipermail/project_owners/attachments/20070213/d7170404/attachment.html 

More information about the Project_owners mailing list