Re: File IO...

Scott Shattuck wrote:
> I'm not trying to be difficult, far from it. I'm just trying to truly 
> understand where you see things headed in this regard.

It's still in flux, but there's a general goal to not have ways for sites to 
have expanded privileges.  If you have use cases that require those, I'd love to 
see the details (in private mail) so that we can make sure that we continue 
addressing those usecases....

> Recent mozilla builds have actually 
> started to fail to work with this approach because in my case the 
> top-level index.html file loads a frameset document containing a 
> javascript file which does the real work of booting the application and 
> that lower-in-the-directory-structure js file's location appears to be 
> used as the root of the "accessible file tree" rather than the original 
> index.html file used to launch the application.

Odd.  Please file a bug?

And please make sure that you're using the latest pre-rc1 builds; this area of 
code has seen a lot of change in the near past, as I said.

> What I'm hearing in this thread is that you're suggesting this will get 
> worse -- perhaps to the point that it will stop working altogether.

Possibly, yes.  Again, it's hard to say without knowing what use cases you need 
addressed...

> That file: urls launched in this fashion might not work due to an inability 
> to somehow decide what's safe and what's not.

Well.  A file:// URI writing the user's other files is not safe.  Period.  The 
only question is whether it makes sense to allow users to permit such an unsafe 
action.

> That I'll have had to have initially run the app from a local or remote web server

Or put the parts that require expanded privileges into an extension, say.  But 
yes, that would indeed require an install of the extension.

> (Scenarios, I might point out, which require precisely what my user community does not want

Again, I'd love a complete description of your requirements with regard to this 
stuff.

> People are used to double-clicking on index.html, Mozilla is already 
> breaking that model.

We shouldn't be, with current 1.9 builds.  Please, please double-check on this.

> direction doesn't appear to be in the best interest of the end user 
> whose got double-click hard-wired into their mouse hand.

The goal is to not make that double-click exploit them.

Or put another way, if they save a web page and then double-click to open it, 
that should be safe.  It should NOT allow that page to do anything it couldn't 
do before, if at all possible.

-Boris

Received on Thursday, 8 May 2008 02:11:47 UTC