W3C home > Mailing lists > Public > whatwg@whatwg.org > March 2009

[whatwg] Canvas - toTempURL - A dangerous proposal

From: Boris Zbarsky <bzbarsky@MIT.EDU>
Date: Fri, 27 Mar 2009 20:50:24 -0400
Message-ID: <49CD7450.6000409@mit.edu>
Charles Pritchard wrote:
> Having thought a little more about it (thank you for the feedback),
> returning a reference to a custom URL handler (up to the implementation)
> would resolve the security issues.
> 
> toTempURL returning...  customHandler://randomData.png [any kind of 
> reference],
> would work in the legacy platforms we're targeting, while allowing us 
> the flexibility
> of deciding just how to store the data (be it in RAM, or in an unknown 
> temporary file).

I guess I'm not clear on one thing: you can add support for 
customHandler:// to this platform but not support for data: ?

-Boris
Received on Friday, 27 March 2009 17:50:24 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 30 January 2013 18:47:49 GMT