W3C home > Mailing lists > Public > public-webapi@w3.org > March 2006

RE: Safe copy and paste with scripts

From: Doug Schepers <doug@schepers.cc>
Date: Sun, 5 Mar 2006 14:23:41 +0100
To: "'Web APIs WG'" <public-webapi@w3.org>
Message-Id: <20060305132339.78F14195516@plunder.dreamhost.com>

Hi, Jonas-

Jonas Sicking wrote:
| 
| I am not 100% sure that abuse will be a bad enough problem to not add 
| this feature.

Glad to hear it. For my part, I am not 100% certain that there aren't
serious enough security concerns to block it, but I have yet to hear a
show-stopper.


| That said, any solution that tries to add UI to let the user 
| work around 
| problems in a proposed API is dead in the water. The majority 
| of users 
| have no idea what script is, and even fewer are going to 
| think to turn 
| to a 'disable script' button when something in their browser doesn't 
| seem to be working.

Fair enough. I'm not convinced, but I certainly don't think that any Spec
should mandate this... it was just an aside that attempted to indicate that
there are indirect ways that this and other issues might be handled. 

For now, as multiple people have pointed out, this is not an area of serious
abuse yet even though the functionality exists, and I am optimistic that it
will continue that way. If someone comes up with a killer suggestion on how
to preempt it, though, I'll happily support it.

Regards-
Doug

doug.schepers@vectoreal.com
www.vectoreal.com ...for scalable solutions.
 
Received on Sunday, 5 March 2006 13:23:50 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:53 GMT