On May 22, 2012, at 11:57 PM, Adam Barth <[email protected]> wrote:
> On Tue, May 22, 2012 at 9:16 PM, Maciej Stachowiak <[email protected]> wrote:
>> It seems like making FileList mutable would serve the same use case and
>> would also be more flexible (as you could upload a set of files collected
>> from possibly multiple sources). And it seems like adding is a more likely
>> desired behavior than replacing when dragging files onto a multi-file input.
>>
>> I have not yet fully thought through the security implications of either
>> case. Do you have any security analysis you could share? For instance, is
>> there an exhaustive list of ways a Web page could obtain a FileList, and are
>> we confident that all are safe for this use?
>
> A FileList is just a list of File objects:
>
> http://www.w3.org/TR/FileAPI/#dfn-filelist
>
> Each File object represents the actual file, which means you can use
> the File API to read the contents of the files on the client already.
>
>> Also: wouldn't anyone doing fancy drag-n-drop file upload be likely to use
>> XHR for upload rather than a form submission?
>
> Not necessarily. In the applications that Nico was working on, he
> wanted to combine the file upload with other form elements into one
> POST to the server.

Since XHR can upload an arbitrary FormData which it could construct from a FileList, I guess there is no additional risk. But, by the same token, XHR upload of FormData[1] already serves this use case in a more flexible way. You can even make a FormData from the contents of an html form and then add additional File objects. Making the change would (afaict) not serve any new use cases. At most it would be a convenience.

Cheers,
Maciej

[1] <http://www.w3.org/TR/XMLHttpRequest/#interface-formdata>
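The pattern Maciej describes (build a FormData from a form's fields, then add File objects gathered from other sources and upload the whole thing in one POST) as an added example; this is not code from the thread or from WebKit. It assumes a runtime with the WHATWG FormData and Blob globals (any modern browser, or Node 18+). In a browser the fields would come from `new FormData(formElement)` and the files from `input.files` or `event.dataTransfer.files`; here both sources are constructed inline so the script runs offline. The field names, filenames and byte contents are made up for the example.

```javascript
// Added example, not from the original thread or project.
// Stand-in for the non-file fields of an HTML form (constructed data).
const SAMPLE_FIELDS = [
  ["title", "Trip photos"],
  ["album", "2012-05"],
];

// Stand-ins for two FileLists obtained from different sources, e.g. an
// <input type=file> and a drop event. A real File is a Blob with a name;
// here each entry carries the Blob and the name separately (constructed).
const FROM_INPUT = [
  { name: "img1.jpg", blob: new Blob([new Uint8Array([0xff, 0xd8, 0xff])], { type: "image/jpeg" }) },
];
const FROM_DROP = [
  { name: "img2.jpg", blob: new Blob([new Uint8Array([0xff, 0xd8, 0xff, 0xe0])], { type: "image/jpeg" }) },
  { name: "notes.txt", blob: new Blob(["hello"], { type: "text/plain" }) },
];

// Combine ordinary form fields with files from any number of sources into one
// FormData. Files are appended, never replaced, so every source contributes to
// the same multi-file field, which is the "adding" behaviour discussed above.
function buildUpload(fields, ...fileLists) {
  const fd = new FormData();
  for (const [name, value] of fields) {
    fd.append(name, value);
  }
  for (const list of fileLists) {
    for (const f of list) {
      // The page already holds the File object, so it could read the bytes
      // with the File API; uploading it adds nothing it could not do already.
      fd.append("files", f.blob, f.name);
    }
  }
  return fd;
}

// Summarise what the multipart body will contain, for inspection or tests.
function describeUpload(fd) {
  const fields = [];
  for (const [name, value] of fd.entries()) {
    if (typeof value === "string") fields.push(`${name}=${value}`);
  }
  const files = fd.getAll("files").map((f) => ({ name: f.name, size: f.size, type: f.type }));
  return { fields, files };
}

// Upload: XHR or fetch sets the multipart boundary from the FormData itself.
// Uncomment in a browser (hypothetical endpoint):
// fetch("/upload", { method: "POST", body: buildUpload(SAMPLE_FIELDS, FROM_INPUT, FROM_DROP) });
```

`buildUpload(SAMPLE_FIELDS, FROM_INPUT, FROM_DROP)` yields a body with the two text fields and three files under the single `files` key, which is the multi-file upload a server-side handler reads back as an array.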
