I asked myself the same question, a few minutes after posting my reply.
At this point, I'm really not sure.
My concern is that the string length for a URL may be limited,
somewhere in the platform.
If that's the case, a 1 meg data: url would overwhelm the
mechanism leading to the handler.
But as I've not tested the theory,
I don't have a leg to stand on.
-Charles
Boris Zbarsky wrote:
Charles Pritchard wrote:
Having thought a little more about it (thank you for the feedback),
returning a reference to a custom URL handler (up to the implementation)
would resolve the security issues.
toTempURL returning... customHandler://randomData.png [any kind of
reference],
would work in the legacy platforms we're targeting, while allowing us
the flexibility
of deciding just how to store the data (be it in RAM, or in an
unknown temporary file).
I guess I'm not clear on one thing: you can add support for
customHandler:// to this platform but not support for data: ?
-Boris
