[w3ctag/design-reviews] Limit allowed "accepted" extensions in File System Access API file pickers. (#580)

HIQaH! QaH! TAG!

I'm requesting a TAG review of a small tweak to the File System Access API.

Initially the File System Access API (previously known as Native File System API) had no limitations on what strings were allowed to be used as accepted file extensions in the showOpenFilePicker and showSaveFilePicker methods. 

Since the file picker (on most platforms) appends these extensions to the filename the user enters, this can result in filenames with characters we don’t want to allow/that are otherwise problematic. In particular we don't want to allow control characters or whitespace in suffixes, or filenames that end in a '.'. As such we add restrictions on what characters are allowed in accepts file extensions/suffixes, as well as limiting their length to 16.

Limiting extensions to only contain alphanumeric characters, + or . still allows all extensions in the shared-mime-info database as well as nearly all extensions in Wikipedia's List of filename extensions.

  - Explainer/Specification URL: https://github.com/WICG/file-system-access/pull/252

  - Tests: will be added to https://github.com/web-platform-tests/wpt/tree/master/native-file-system

  - Security and Privacy self-review: Original self-review for the File System Access API https://github.com/WICG/file-system-access/blob/master/security-privacy-questionnaire.md

  - GitHub repo (if you prefer feedback filed there): https://github.com/wicg/native-file-system/issues/

  - Primary contacts (and their relationship to the specification):
      - Marijn Kruisselbrink (@mkruisselbrink), Google
  - Organization(s)/project(s) driving the specification: Google
  - Key pieces of existing multi-stakeholder review or discussion of this specification: The File System Access API (previously known as Native File System API) as a whole was reviewed in https://github.com/w3ctag/design-reviews/issues/390

  - External status/issue trackers for this specification (publicly visible, e.g. Chrome Status): https://www.chromestatus.com/feature/4768827940274176


Further details:

  - [x] I have reviewed the TAG's [API Design Principles](https://w3ctag.github.io/design-principles/)
  - Relevant time constraints or deadlines: As this fixes potential security issues we will be shipping these changes as soon as possible. We will try to address any feedback that comes in afterwards.
  - The group where the work on this specification is currently being done: WICG
  - The group where standardization of this work is intended to be done (if current group is a community group or other incubation venue): WebAppsWG
  - Major unresolved issues with or opposition to this specification:
  - This work is being funded by: Google


We'd prefer the TAG provide feedback as (please delete all but the desired option):

  💬 leave review feedback as a **comment in this issue** and @-notify @mkruisselbrink




Received on Wednesday, 2 December 2020 23:46:58 UTC
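
The restrictions described in the message above can be checked by a page before it calls showOpenFilePicker or showSaveFilePicker. The following is an added example, not code from the original message or from the specification. It assumes that "alphanumeric" means ASCII letters and digits, that each extension is written with a leading "." and that extensions are passed in a `types`/`accept` structure; the function names and sample data are hypothetical.

```javascript
// Added example: mirrors the restrictions described in the message above.
// Assumptions: "alphanumeric" means ASCII letters and digits, and each
// extension is written with a leading "." (e.g. ".txt").
const MAX_SUFFIX_LENGTH = 16;
const ALLOWED_CHARS = /^[A-Za-z0-9+.]+$/;

// Returns null when the suffix is acceptable, otherwise a reason string.
function checkSuffix(suffix) {
  if (typeof suffix !== "string" || !suffix.startsWith(".")) {
    return "must be a string starting with '.'";
  }
  if (suffix.length > MAX_SUFFIX_LENGTH) {
    return `longer than ${MAX_SUFFIX_LENGTH} characters`;
  }
  if (!ALLOWED_CHARS.test(suffix)) {
    // Rejects whitespace, control characters and anything non-ASCII.
    return "contains a character other than alphanumerics, '+' or '.'";
  }
  if (suffix.endsWith(".")) {
    return "ends in '.'";
  }
  return null;
}

// Walks a picker `types` array and collects every rejected extension
// together with the reason (hypothetical helper).
function findBadExtensions(types) {
  const problems = [];
  for (const type of types) {
    for (const [mime, extensions] of Object.entries(type.accept ?? {})) {
      for (const ext of [].concat(extensions)) {
        const reason = checkSuffix(ext);
        if (reason) problems.push({ mime, ext: JSON.stringify(ext), reason });
      }
    }
  }
  return problems;
}

// Constructed sample input, not taken from the page.
const sampleTypes = [
  { description: "Archives", accept: { "application/gzip": [".tar.gz", ".tgz"] } },
  { description: "C++", accept: { "text/x-c++src": ".c++" } },
  { description: "Suspicious", accept: { "text/plain":
      [".txt ", ".txt\n.exe", ".", ".a.", ".averyveryverylongext"] } },
];
console.table(findBadExtensions(sampleTypes));
```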