On Mon, Oct 18, 2010 at 11:28 AM, Drew Wilson <[email protected]> wrote:
> I believe it's a security feature. > > Imagine that you download foo.html into your C:/ - according to the logic > below, script running in foo.html should be able to read *any file on your > C:/ drive*. That seems scary to me. > > FWIW, chrome allows passing the --allow-file-access-from-files command line > flag to make it easier for developers to work locally without running an > HTTP server. > I wish it was an option for a tab (right-click on the tab -> "Allow File Access" or so), to make spontaneous hacking of a random html easier... > > -atw > >
