Re: Proposal to Adopt HTML5 -- procedural issue

On Apr 10, 2007, at 8:10 PM, Dailey, David P. wrote:

> * Okay I guess I have to reveal the dumb question after all: does  
> WHATWG allow for writing files client side? I see there is a super- 
> cookie thing of some sort (the Storage interface), but I'm thinking  
> of execCommand('SaveAs',false, '.txt') that was (is?) available in  
> IE. About seven years ago I put together a little web app using VML  
> (IE only) http://srufaculty.sru.edu/david.dailey/grapher/ -- the  
> utility of being able to save files to the client (or open them)  
> should be relatively self-evident. Reading files client-side was a  
> mess, but writing was fairly straightforward with an ActiveX  
> thingy.  (do a google search: reading files javascript)

I think this would be a security risk unless there were careful  
restrictions on where saved files could go, whether the client can  
overwrite, and who can read saved files. It does sound useful but it  
is hard to navigate the security issues.

Regards,
Maciej

Received on Wednesday, 11 April 2007 06:28:50 UTC