JavaScript Security Issues
Signed Script Policy comes with Netscape version 4.
In Navigator 3.0, one could use data tainting to get access to additional information.
- This was very clumsy and almost impossible to use and in particular to make precise
However, Navigator 4.0 replaces data tainting with the signed script policy. Because signed scripts provide greater security and greater precision than tainting, tainting has been disabled in Communicator 4.x.