Re: Proposal to Adopt HTML5 -- procedural issue

David Dailey:
> >* Okay I guess I have to reveal the dumb question after all: does  
> >WHATWG allow for writing files client side? I see there is a super- 
> >cookie thing of some sort (the Storage interface), but I'm thinking  
> >of execCommand('SaveAs',false, '.txt') that was (is?) available in  
> >IE. About seven years ago I put together a little web app using VML  
> >(IE only) http://srufaculty.sru.edu/david.dailey/grapher/ -- the  
> >utility of being able to save files to the client (or open them)  
> >should be relatively self-evident. Reading files client-side was a  
> >mess, but writing was fairly straightforward with an ActiveX  
> >thingy.  (do a google search: reading files javascript)

Maciej Stachowiak:
> I think this would be a security risk unless there were careful  
> restrictions on where saved files could go, whether the client can  
> overwrite, and who can read saved files. It does sound useful but it  
> is hard to navigate the security issues.

I agree.  For this particular case you could construct a data: URI and
have the browser navigate to it, so that the user could then save the
file you want.

-- 
Cameron McCormack, http://mcc.id.au/
 xmpp:heycam@jabber.org  ▪  ICQ 26955922  ▪  MSN cam@mcc.id.au

Received on Wednesday, 11 April 2007 06:38:43 UTC