W3C home > Mailing lists > Public > public-html-bugzilla@w3.org > June 2011

[Bug 12820] Hi guys, I am finding it frustrating that security features prevent me from writing a useful app in HTML5 that will run solely on the client machine. It seems that windows can talk to each other if their is a parent / child relationship - UNLESS you load

From: <bugzilla@jessica.w3.org>
Date: Sun, 26 Jun 2011 22:59:35 +0000
To: public-html-bugzilla@w3.org
Message-Id: <E1QayIh-0000QB-TN@jessica.w3.org>
http://www.w3.org/Bugs/Public/show_bug.cgi?id=12820

Aryeh Gregor <Simetrical+w3cbug@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |Simetrical+w3cbug@gmail.com
         Resolution|                            |WONTFIX

--- Comment #2 from Aryeh Gregor <Simetrical+w3cbug@gmail.com> 2011-06-26 22:59:34 UTC ---
EDITOR'S RESPONSE: This is an Editor's Response to your comment. If you are
satisfied with this response, please change the state of this bug to CLOSED. If
you have additional information and would like the Editor to reconsider, please
reopen this bug. If you would like to escalate the issue to the full HTML
Working Group, please add the TrackerRequest keyword to this bug, and suggest
title and text for the Tracker Issue; or you may create a Tracker Issue
yourself, if you are able to do so. For more details, see this document:

   http://dev.w3.org/html5/decision-policy/decision-policy.html

Status: Rejected
Change Description: no spec change
Rationale: If files are saved to the local machine, we cannot tell what sites
they came from.  If we let your site's files access other HTML files from the
same site, we'd have to let it access HTML files from other sites too, and that
could be a privacy violation.  For instance, maybe your files are in a
downloads folder together with sensitive HTML files (e.g., internal corporate
memos) that your files should not have access to.

I encourage you to either make sure your downloaded site consists of only one
HTML file (very practical if you use JavaScript), or consider some other
delivery mechanism like application caches.

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
Received on Sunday, 26 June 2011 22:59:40 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:01:53 UTC