Re: File IO...

2008-05-19 Thread Charles McCathieNevile
On Wed, 07 May 2008 15:39:01 +0200, Charles McCathieNevile <[EMAIL PROTECTED]> wrote: Opera has a proposal for a specification that would revive (and supersede) the file upload API that has been lingering so long as a work item. ... A draft is at http://dev.w3.org/2006/webapi/fileio/fil

Re: Security Re: File IO...

2008-05-08 Thread Maciej Stachowiak
On May 8, 2008, at 1:18 AM, Arve Bersvendsen wrote: On Wed, 07 May 2008 20:57:25 +0100, Maciej Stachowiak <[EMAIL PROTECTED]> wrote: They both said that this proposal was only meant for things like widgets, and agreed with my assessment that it would be a giant security hole if exposed

Re: Security Re: File IO...

2008-05-08 Thread Arve Bersvendsen
On Wed, 07 May 2008 20:57:25 +0100, Maciej Stachowiak <[EMAIL PROTECTED]> wrote: They both said that this proposal was only meant for things like widgets, and agreed with my assessment that it would be a giant security hole if exposed to web content. Without commenting further: Yes, in

Re: File IO...

2008-05-07 Thread Boris Zbarsky
Scott Shattuck wrote: I'm not trying to be difficult, far from it. I'm just trying to truly understand where you see things headed in this regard. It's still in flux, but there's a general goal to not have ways for sites to have expanded privileges. If you have use cases that require those,

Re: File IO...

2008-05-07 Thread Timur Mehrvarz
On 7. May 2008, at 20:23, Scott Shattuck wrote: Clearly if all I want is scratch area I don't need file system access. But there are use cases for integrating a browser-based application with the host operating system that can't be addressed in that fashion. It's naive to imagine that th

Re: File IO...

2008-05-07 Thread Scott Shattuck
On May 7, 2008, at 1:33 PM, Boris Zbarsky wrote: Scott Shattuck wrote: 1) The script is running at a file:// URI I believe it's key that future specification work keep in mind that this isn't the rare case it used to be, it's one definition of "run offline". While true, note that Gecko

Re: Security Re: File IO...

2008-05-07 Thread Maciej Stachowiak
Hey Chaals, On May 7, 2008, at 10:39 AM, Charles McCathieNevile wrote: On Wed, 07 May 2008 16:47:06 +0100, Maciej Stachowiak <[EMAIL PROTECTED]> wrote: Yep. That's the idea. Here are some of the more obvious security issues: [several obviously interesting things] 6) Despite clearly hav

Re: File IO...

2008-05-07 Thread Boris Zbarsky
Scott Shattuck wrote: 1) The script is running at a file:// URI I believe it's key that future specification work keep in mind that this isn't the rare case it used to be, it's one definition of "run offline". While true, note that Gecko also supports actual running offline of http URIs,

Re: File IO...

2008-05-07 Thread Scott Shattuck
On May 7, 2008, at 1:14 PM, Boris Zbarsky wrote: Scott Shattuck wrote: This is possible today on IE and Mozilla with a single user-visible security prompt. That's only the case in Mozilla if: 1) The script is running at a file:// URI I believe it's key that future specification work k

Re: File IO...

2008-05-07 Thread Boris Zbarsky
Scott Shattuck wrote: This is possible today on IE and Mozilla with a single user-visible security prompt. That's only the case in Mozilla if: 1) The script is running at a file:// URI or 2) The user has changed a hidden preference to allow random sites to put up this prompt. or 3)

Re: File IO...

2008-05-07 Thread Scott Shattuck
On May 7, 2008, at 9:47 AM, Maciej Stachowiak wrote: On May 7, 2008, at 6:39 AM, Charles McCathieNevile wrote: Hi folks, Opera has a proposal for a specification that would revive (and supersede) the file upload API that has been lingering so long as a work item. In a nutshell, it pr

Re: Security Re: File IO...

2008-05-07 Thread Jonas Sicking
Charles McCathieNevile wrote: On Wed, 07 May 2008 16:47:06 +0100, Maciej Stachowiak <[EMAIL PROTECTED]> wrote: On May 7, 2008, at 6:39 AM, Charles McCathieNevile wrote: Hi folks, Opera has a proposal for a specification that would revive (and supersede) the file upload API that has be

Security Re: File IO...

2008-05-07 Thread Charles McCathieNevile
On Wed, 07 May 2008 16:47:06 +0100, Maciej Stachowiak <[EMAIL PROTECTED]> wrote: On May 7, 2008, at 6:39 AM, Charles McCathieNevile wrote: Hi folks, Opera has a proposal for a specification that would revive (and supersede) the file upload API that has been lingering so long as a work

Re: File IO...

2008-05-07 Thread Maciej Stachowiak
On May 7, 2008, at 6:39 AM, Charles McCathieNevile wrote: Hi folks, Opera has a proposal for a specification that would revive (and supersede) the file upload API that has been lingering so long as a work item. In a nutshell, it provides the ability for a web application to get a filespa