Re: [FileSystem]: URI format, uses
Le 23 janv. 2011 à 18:13, Glenn Maynard a écrit : But that's the point: when you put pictures (or tax forms, or other private files) on a webserver, you have mechanisms for access control. You wouldn't put private files on a publically-accessible webserver; you put them on a password-protected one. In fact many people do without knowing on many current sites. There is a notion of subtle opacity, aka something which is part of the public but more difficult to access. It has its good and bad social impacts. For example, if you have a flickr account, put an image with a limited shared context. Now find the exact URI of the image. It should be starting with static.flickr.com. Unlog, put this URI into your browser and you should be able to access the image. -- Karl Dubost - http://dev.opera.com/ Developer Relations Tools, Opera Software
Re: [FileSystem]: URI format, uses
On Jan 22, 2011, at 01:04 , Glenn Maynard wrote: Putting family photos in a directory and giving a webpage access to it isn't the same as putting them on a publically-accessible webserver. How so? -- Robin Berjon - http://berjon.com/
Re: [FileSystem]: URI format, uses
On Sun, Jan 23, 2011 at 1:55 PM, Robin Berjon ro...@berjon.com wrote: On Jan 22, 2011, at 01:04 , Glenn Maynard wrote: Putting family photos in a directory and giving a webpage access to it isn't the same as putting them on a publically-accessible webserver. How so? One makes them accessible to a single webpage, the other makes them publically accessible to the entire world. -- Glenn Maynard
Re: [FileSystem]: URI format, uses
On Sun, 23 Jan 2011 22:27:56 +0100, Glenn Maynard gl...@zewt.org wrote: On Sun, Jan 23, 2011 at 1:55 PM, Robin Berjon ro...@berjon.com wrote: On Jan 22, 2011, at 01:04 , Glenn Maynard wrote: Putting family photos in a directory and giving a webpage access to it isn't the same as putting them on a publically-accessible webserver. How so? One makes them accessible to a single webpage, the other makes them publically accessible to the entire world. Not in my experience. People put them somewhere on facebook.com or skype.com or something, which makes them accessible through a very small number of single webpages. And often without loggin in, those are not actually available to anyone. So as a user, it seems functionally the same except the particular hoops for putting things online which are different in every single case. cheers Chaals -- Charles McCathieNevile Opera Software, Standards Group je parle français -- hablo español -- jeg lærer norsk http://my.opera.com/chaals Try Opera: http://www.opera.com
Re: [FileSystem]: URI format, uses
On Sun, Jan 23, 2011 at 5:50 PM, Charles McCathieNevile cha...@opera.com wrote: Not in my experience. People put them somewhere on facebook.com or skype.com or something, which makes them accessible through a very small number of single webpages. And often without loggin in, those are not actually available to anyone. So as a user, it seems functionally the same except the particular hoops for putting things online which are different in every single case. But that's the point: when you put pictures (or tax forms, or other private files) on a webserver, you have mechanisms for access control. You wouldn't put private files on a publically-accessible webserver; you put them on a password-protected one. If cross-origin access is allowed for filesystem URLs, that's akin to putting them on a webserver with no access control. Maybe access control mechanisms should exist for it (personally I think that only makes sense for createObjectURL, not filesystem URIs); but as long as they don't, filesystem URLs should be private to the origin. -- Glenn Maynard
[FileSystem]: URI format, uses
The Entry.toURI method specified in the FileSystem spec [1] currently
has an open issue to define its format. I believe we also need to
describe the ways in which it can and cannot be used, as some
potential uses may have security implications.
I propose the following format:
filesystem:{protocol}://{domain}[:port]/{storage type}/{path}
e.g. filesystem:https://www.google.com/persistent/images/logo.png
I think that, for the domain that owns the asset referred to by the
URI, pretty much any reasonable use should be allowed:
video/audio/img/iframe/script sources, XHR [GET only], etc. I'm
iffier on allowing any access to other origins, even for e.g. img
sources, even though they're normally allowed cross-origin. I'd love
to hear security arguments against and use cases for cross-origin
access. Of course, it's always easiest/safest to start out not
allowing such a thing and relax the rules later.
Thanks in advance for any comments.
Eric Uhrhane
er...@google.com
[1] http://dev.w3.org/2009/dap/file-system/file-dir-sys.html#widl-Entry-toURI
Re: [FileSystem]: URI format, uses
On Fri, Jan 21, 2011 at 6:12 PM, Eric Uhrhane er...@google.com wrote: I think that, for the domain that owns the asset referred to by the URI, pretty much any reasonable use should be allowed: video/audio/img/iframe/script sources, XHR [GET only], etc. I'm iffier on allowing any access to other origins, even for e.g. img sources, even though they're normally allowed cross-origin. I'd love to hear security arguments against and use cases for cross-origin access. Of course, it's always easiest/safest to start out not allowing such a thing and relax the rules later. Putting family photos in a directory and giving a webpage access to it isn't the same as putting them on a publically-accessible webserver. I think no cross-origin access should be allowed. I do think there should be a mechanism within createObjectURL to allow cross-origin access, which could be then used with a File created from an Entry. I don't think that makes sense for Entry URIs, though. -- Glenn Maynard
