- From: Paul Libbrecht <paul@hoplahup.net>
- Date: Fri, 17 Feb 2012 20:18:46 +0100
- To: Ryosuke Niwa <rniwa@webkit.org>
- Cc: "Hallvord R. M. Steen" <hallvord@opera.com>, public-webapps@w3.org
- Message-Id: <E43A61C5-C6E4-4947-BF84-8D8EDE89344C@hoplahup.net>
Le 17 févr. 2012 à 19:25, Ryosuke Niwa a écrit : > On Fri, Feb 17, 2012 at 10:10 AM, Paul Libbrecht <paul@hoplahup.net> wrote: > I have one concern: media-types are likely to be insufficient and "flavour names", whatever they are on the host platform should be allowed I think. Almost arbitrary strings on Windows and Uniform Type Identifiers on Mac should be allowed, I think. > > Realistically, I don't think we'll ever let the wild Web get/set arbitrary data like that. But maybe we can do that for privileged websites (ones that the user trusts). I'm easy here. I sure do not want to slow down progress of this spec. I think it makes sense but well... (I find UTIs rather sexy since they have inheritance which media-types do not have). Hallvord, it should be called media-types btw, or? > Yes, it does happen: I think I know that in Windows the supported flavour-names depend on the launched applications. On Mac it depends on the applications whose descriptor has been loaded (by the Finder I think, it might also be those that have been launched once). At least an application download and launch can cause a change in the supported media-types of the OS. > > Right. These will become problems if we decide to expose all platform types. > > However, would the browsers be informed of such a change? Would they be able to consider a given type as being safe and not needing a sanitization? > > I don't think that's possible without some sort of pre-knowledge about how the data is processed. In practice, we always hard-code this kind of information somewhere so I'm even not sure if such an elaborate behavior can be implemented. If anyone is willing to consider trusted web-sites (and MSIE already does?) then it is worth included. paul
Received on Friday, 17 February 2012 19:19:44 UTC