- From: Maciej Stachowiak <mjs@apple.com>
- Date: Tue, 10 Apr 2007 23:27:09 -0700
- To: "Dailey, David P." <david.dailey@sru.edu>
- Cc: Dan Connolly <connolly@w3.org>, HTML WG <public-html@w3.org>, Håkon Wium Lie <howcome@opera.com>, Brendan Eich <brendan@mozilla.org>, "L. David Baron" <dbaron@dbaron.org>, David Hyatt <hyatt@apple.com>, lbolstad@opera.com
On Apr 10, 2007, at 8:10 PM, Dailey, David P. wrote:
> * Okay I guess I have to reveal the dumb question after all: does
> WHATWG allow for writing files client side? I see there is a super-
> cookie thing of some sort (the Storage interface), but I'm thinking
> of execCommand('SaveAs',false, '.txt') that was (is?) available in
> IE. About seven years ago I put together a little web app using VML
> (IE only) http://srufaculty.sru.edu/david.dailey/grapher/ -- the
> utility of being able to save files to the client (or open them)
> should be relatively self-evident. Reading files client-side was a
> mess, but writing was fairly straightforward with an ActiveX
> thingy. (do a google search: reading files javascript)
I think this would be a security risk unless there were careful
restrictions on where saved files could go, whether the client can
overwrite, and who can read saved files. It does sound useful but it
is hard to navigate the security issues.
Regards,
Maciej
Received on Wednesday, 11 April 2007 06:28:50 UTC