- From: Michael A. Puls II <shadow2531@gmail.com>
- Date: Thu, 25 Feb 2010 00:09:32 -0500
- To: uri@w3.org, "Michael Wojcik" <Michael.Wojcik@microfocus.com>
On Wed, 24 Feb 2010 09:49:41 -0500, Michael Wojcik <Michael.Wojcik@microfocus.com> wrote: >> With that said, I think it'd be awesome if you could do something like: >> >> <a >> href="data:text/plain;charset=utf-8;filename=tada.txt;content- >> disposition=attachment,file_data">Save</a>. > > And is it the responsibility of the user agent, or of the user, to > ensure that there is no security risk in saving the file under the name > suggested by the URI? > > Considering how ready most users are to simply click through warnings > and confirmations, this looks like a great way for sites to drop > trojans, or place other malware at a known location so it can be > activated through another vector. > > I'd at least like to see a decent review of the security implications, > with reference to known attacks along similar vectors (eg the use of > content-disposition with email attachments), as part of the proposal. I would expect user agents to deal with the filename and content-disposition values security-wise in the same way they do when it's presented via http or in mime messages. For example, if you have: data:application/octet-stream;filename=foo.exe,file_data or data:application/x-msdownload;filename=foo.exe,file_data , UAs would only provide a save button in their dialog and no open button (well browsers that feel that it's important to do this at least). -- Michael
Received on Thursday, 25 February 2010 05:10:01 UTC