On Fri, Jul 4, 2008 at 6:42 PM, Ivan Krstić
[EMAIL PROTECTED] wrote:
That said, the URI handler approach should be used sparingly. It's one
thing to allow starting an audio player by clicking an MP3 link in the
browser, and another to arbitrarily execute code (e.g. through an
execution
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Eben Eliason wrote:
| I really don't see anything wrong with injecting a modal alert,
| displayed by Sugar, into this process if we must. Clicking on an mp3
| in Browse would reveal this alert, and ask for confirmation that the
| user wishes to open
On Mon, Jul 7, 2008 at 1:08 PM, Benjamin M. Schwartz
[EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Eben Eliason wrote:
| I really don't see anything wrong with injecting a modal alert,
| displayed by Sugar, into this process if we must. Clicking on an mp3
| in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Eben Eliason wrote:
| No, what I've described is precisely /not/ the details view.
OK. You want something whose function is the launcher component of the
Details view, but whose form is simplified so as not to fill the screen.
That's fine. Two
On Mon, Jul 7, 2008 at 1:29 PM, Benjamin M. Schwartz
[EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Eben Eliason wrote:
| No, what I've described is precisely /not/ the details view.
OK. You want something whose function is the launcher component of the
Details
Finally: Ivan do you see security implications in a future
implementation of this approach which also allows the resulting
changes to an object launched in this manner from being passed back to
the invoking activity. For instance, consider a Website activity
which you can import source
On Jul 7, 2008, at 12:52 PM, Eben Eliason wrote:
On Fri, Jul 4, 2008 at 6:42 PM, Ivan Krstić
[EMAIL PROTECTED] wrote:
That said, the URI handler approach should be used sparingly. It's
one
thing to allow starting an audio player by clicking an MP3 link in
the
browser, and another to
On Mon, Jul 7, 2008 at 4:59 PM, Noah Kantrowitz [EMAIL PROTECTED] wrote:
On Jul 7, 2008, at 12:52 PM, Eben Eliason wrote:
On Fri, Jul 4, 2008 at 6:42 PM, Ivan Krstić
[EMAIL PROTECTED] wrote:
That said, the URI handler approach should be used sparingly. It's one
thing to allow starting an
Am 07.07.2008 um 23:22 schrieb Eben Eliason:
On Mon, Jul 7, 2008 at 4:59 PM, Noah Kantrowitz
[EMAIL PROTECTED] wrote:
On Jul 7, 2008, at 12:52 PM, Eben Eliason wrote:
On Fri, Jul 4, 2008 at 6:42 PM, Ivan Krstić
[EMAIL PROTECTED] wrote:
That said, the URI handler approach should be used
On Jul 5, 2008, at 9:27 AM, Jameson Chema Quinn wrote:
I do not think that URI's pointing to the local machine are what is
needed here.
Please try to make your messages simpler, shorter, and more to the
point. I often find them difficult to follow and give up. I didn't
read this one after
The message had two points. In point 1, the simpler, I just pointed out that
downloading a file and opening it by mime type is equivalent, security-wise,
to having a special URL handler. A UI can be worked out to reduce the needed
clicks.
In point 2, I basically argued that data should remember
On Fri, Jul 4, 2008 at 4:42 PM, Ivan Krstić
[EMAIL PROTECTED] wrote:
On Jul 4, 2008, at 1:37 PM, Edward Cherlin wrote:
My guess is that there is a way to secure the
process, but it might require some extra effort beyond a software fix,
like teachers whitelisting URLs for lessons. Or
On Fri, Jul 4, 2008 at 6:35 AM, Bryan Berry [EMAIL PROTECTED] wrote:
Greg wrote:
Thanks for keeping us apprised of your needs!
My pleasure.
I'm also not aware of any feasible design proposal which might address
your request. You need a precedent or engineering level suggestion to
move this
On Jul 4, 2008, at 1:37 PM, Edward Cherlin wrote:
My guess is that there is a way to secure the
process, but it might require some extra effort beyond a software fix,
like teachers whitelisting URLs for lessons. Or perhaps just
whitelisting our Moodle instances. Signed lesson plans? At any
14 matches
Mail list logo
