Re: [widget] Security model

On 5/24/09 7:25 AM, timeless wrote:
> On Tue, May 19, 2009 at 12:18 PM, Marcos Caceres<marcosc@opera.com>  wrote:
>> 1. If no<access>  element is used, the application type (e.g., HTML,
>> Flash, whatever) is responsible for providing the security
>> context/rules under which the widget runs. For HTML this means that a
>> widget runs as if you had dragged a HTML file from your hard-drive
>> into the Web browser.
>
> this part is scary. since historically that meant a web page with full
> file system access even though this wasn't usually what users wanted,
> expected, or understood.

Of course, that is not what I meant.

> (it's true that browsers are evolving to a different model, but...)

I should have made myself more clear. I meant that the widget would 
behave as if it had been dragged from the hard-drive with respect to 
access to HTTP resources via inline content. The model I am proposing is 
dependent on the widget:// URI scheme and the assumption that widget:// 
acts a mounted drive for the widget. Access to the file system would be 
forbidden. No way was I intending to imply otherwise.

Received on Sunday, 24 May 2009 11:19:00 UTC