views:

156

answers:

0

I have a windows application with an embedded web control and I want to enable cross site scripting. Is this possible? From what I've read, IInternetSecurityManager.ProcessUrlAction does not allow this. It also sounds like IInternetSecurityManager.GetSecurityId might be able to solve this issue, however I haven't been able to get it to work or find an example on the web of someone getting it to work (but there are other people on the web who were also unable to make GetSecurityId work). Has anyone been able to enable XSS in an embedded web control?