## HOWTO: Bypass/evade the same origin policy security restriction

(A manifestation of this is Firefox's "Permission denied to call
method XMLHttpRequest.open" security exception.)

I never did completely figure this out, but the solution theoretically
involves putting

	user_pref("signed.applets.codebase_principal_support", true);

in prefs.js, then calling 

	netscape.security.PrivilegeManager.enablePrivilege("UniversalBrowserRead");

(pops up a confirmation dialog to the user) just before doing the call.

See:

  * [http://www.mozilla.org/projects/security/components/signed-scripts.html](http://www.mozilla.org/projects/security/components/signed-scripts.html)
  * [http://www.mozilla.org/projects/security/components/same-origin.html](http://www.mozilla.org/projects/security/components/same-origin.html)
  * [http://developer.mozilla.org/en/docs/Bypassing_Security_Restrictions_and_Signing_Code](http://developer.mozilla.org/en/docs/Bypassing_Security_Restrictions_and_Signing_Code)

### HOWTO: Disable access keys (shortcuts)

To [disable access keys](http://kb.mozillazine.org/Ui.key.contentAccess), so
you aren't surprised when you hit Ctrl-P, etc. set the
`ui.key.contentAccess` preference (access via the URL
[about:config](about:config)) to 0.

## FAQ: Where are older versions of Firefox?  (e.g. Firefox 2)

<http://www.mozilla.com/en-US/firefox/all-older.html>

## FAQ: Where are older versions of Firebug?  How to downgrade Firebug?

See, e.g.

<http://getfirebug.com/releases/firebug/1.2/>

## FAQ: How to test XPath queries?

The console exports the function `$x()` which can be used to perform
ad hoc XPath queries:

    $x('/html')