While I agree that Javascript and cookies should be required, it should not silently fail if a person doesn't have either of them enabled. Some kind of error is always appreciated here. Mike
On Sun, Nov 25, 2012 at 4:13 PM, Simon Brereton <[email protected]>wrote: > Yes - for this one site. Which I'd trust. But short of using owncloud in > a separate browser I'm forced to accept ask session cookies just to > accommodate the few I can trust. > > Ditto the Javascript. > > Simon > > On Nov 25, 2012 4:46 PM, "Frank Karlitschek" <[email protected]> wrote: > > > > > > On 25.11.2012, at 22:24, Simon Brereton <[email protected]> > wrote: > > > > > Do you have a link for that assertion? > > > > > > > http://arstechnica.com/security/2012/10/firefox-16-vulnerability-attack-code-available-online/ > > > > > > It would seem to me that Javascript is still an issue. > > > > That was a Firefox bug that is already fixed. > > > > > > > Cookies may not present a security issue, but a privacy one, and > unless you're prepared to undergo a lot of effort allowing them on a > per-site basis is a lot of work most people baulk at. > > > > ownCloud is using only session cookies that are automatically removed > when you close your browser and they are only send to ownCloud server. No > privacy problem here. > > > > Frank > > > > > > > The more software on the internet works without cookies and without > Javascript the safer the world is in general. > > > > > > Simon > > > > > > On Nov 25, 2012 12:11 PM, "Frank Karlitschek" <[email protected]> > wrote: > > > > > > > > Hi Mikko, > > > > > > > > thanks for thew bug report. > > > > Unfortunately we don´t plan to support browsers without support for > cookies and javascript at the moment. > > > > This would restrict our possibilities in the web interface > significantly and would lead to a second completely different interface. > > > > > > > > (Session)-Cookies and javascript aren´t considered harmful or > insecure nowadays. Most security people even think that having the session > ID in the url is less secure than in a session cookie. > > > > > > > > Why do you think this is a problem? > > > > > > > > The problem with ogg files is a known limitation at the moment. I > hope someone improves this in the future. > > > > > > > > > > > > Frank > > > > > > > > > > > > > > > > On 25.11.2012, at 17:23, Mikko V. Viinamäki < > [email protected]> wrote: > > > > > > > > > Hi! > > > > > > > > > > Since I don't have a github account... I noticed the web interface > fails silently in case you don't allow cookies and same if you don't allow > JavaScript. Also, this .ogg file was not added onto the music tab in the > interface http://commons.wikimedia.org/wiki/File:BedBugs%26SaltyDog.ogg I > wonder why? > > > > > > > > > > Besides that, owncloud's looking pretty slick! > > > > > > > > > > Mikko > > > > > _______________________________________________ > > > > > Owncloud mailing list > > > > > [email protected] > > > > > https://mail.kde.org/mailman/listinfo/owncloud > > > > > > > > _______________________________________________ > > > > Owncloud mailing list > > > > [email protected] > > > > https://mail.kde.org/mailman/listinfo/owncloud > > > > _______________________________________________ > Owncloud mailing list > [email protected] > https://mail.kde.org/mailman/listinfo/owncloud > >
_______________________________________________ Owncloud mailing list [email protected] https://mail.kde.org/mailman/listinfo/owncloud
