W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2009

Re: Rename “File API” to “FileReader API”?

From: Arve Bersvendsen <arveb@opera.com>
Date: Wed, 11 Nov 2009 09:36:58 +0100
To: "Maciej Stachowiak" <mjs@apple.com>, "Robin Berjon" <robin@berjon.com>
Cc: public-device-apis@w3.org, "public-webapps WG" <public-webapps@w3.org>
Message-ID: <op.u2717wh5byn2jm@galactica>
On Wed, 11 Nov 2009 02:47:50 +0100, Maciej Stachowiak <mjs@apple.com>  
wrote:

> I think file writing (once the script has securely received a file  
> handle) has different security considerations than directory  
> manipulation and opening of arbitrary files. File writing should be  
> designed with the browser security model in mind, because it's something  
> that is reasonable to expose to Web content, given the right model for  
> getting a writable handle (private use area or explicitly chosen by the  
> user via "Save As" dialog)

Note that both explicit content and private use areas/sandboxes has  
security implications.
-- 
Arve Bersvendsen

Opera Software ASA, http://www.opera.com/
Received on Wednesday, 11 November 2009 08:37:38 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:35 GMT