Jeremy, If I may share a view on this, I do not mean to tell you something you know, but restate the need for openness, even while filling potential security gaps. I am seeking agreement or discussion.
On Wednesday, July 22, 2020 at 1:56:28 AM UTC+10, Jeremy Ruston wrote: > Cunning stuff, but it also reminds me that the core should really be > suppressing links to javascript: URIs. In this case, we should add a > “tm-close-window” message of course. > > It is a good idea to remove identified gaps such as this and provide a de jure method. What you say may be best practice and would be worthy of a default behaviour, especially when a tiddlywiki is internet facing, however please consider that Tiddlywikis versatility allows for many applications, I for one have a set of them running on my local machine, that only I can access and I use for desktop interaction and to take full control of my browser and desktop. In this case I am not keen to have restrictions imposed, restrictions that may be necessary for the "filthy internet", impact the local functionality/versatility. Other applications of tiddlywiki can take place in a secure LAN from local servers, apart from the fact such devices may already be hack-able on many levels, this can be a semi or wholly trusted environment. An example may be once a user logs in and has access to tiddlywiki, such as on a Raspberry Pi they may be keen to interact with the device hardware. The javascript uri function is used with bookmarks as well, and I make use of only a few so far, but they are a big productivity gain. I believe decisions already taken for robustness in the face of the internet have impacted the versatility off line, this includes lost opportunities for example I would like to freely save files locally without direct user involvement for automation. Best wishes Tony -- You received this message because you are subscribed to the Google Groups "TiddlyWiki" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywiki/e352fbdf-0bdd-4a66-a5a8-e1f0149327f9o%40googlegroups.com.
