Re: HTTP status code equivalents for file:// operations - compat with xhr

On Tue, Aug 18, 2009 at 2:59 PM, Michael A. Puls II<> wrote:
> So, if you access the abarth directory in your browser's address field,
> it'll say:
> file:///afs/ (or
> file://localhost/afs/ in Opera)
> ?


> If so, then indeed the access has to be further restricted by the directory
> also.
> Or, does it say something else?

The point I'm trying to make is that the security model for file URLs
is tricky.  Mozilla does indeed separate by directory in an
interesting way.  When interacting with the file system, we should be
careful to consider non-Windows file systems as well.

We haven't even gotten into the fun of the /dev or /proc directories yet.  :)


Received on Tuesday, 18 August 2009 22:11:41 UTC