- From: Jonas Sicking <jonas@sicking.cc>
- Date: Thu, 18 Jul 2013 17:10:43 -0700
- To: Anne van Kesteren <annevk@annevk.nl>
- Cc: Mounir Lamouri <mounir@lamouri.fr>, Kinuko Yasuda <kinuko@chromium.org>, Web Applications Working Group WG <public-webapps@w3.org>
Or simply if we make it possible to pass a Directory through postMessage then you can open another website in a sandboxed <iframe> and pass it a Directory and let it modify its contents, without having to grant access to other parts of the sandboxed filesystem. / Jonas On Thu, Jul 18, 2013 at 5:02 PM, Anne van Kesteren <annevk@annevk.nl> wrote: > On Thu, Jul 18, 2013 at 4:52 PM, Mounir Lamouri <mounir@lamouri.fr> wrote: >> Isn't a Directory object just a path? I mean, would you send the list of >> files and their content or just the path to the directory? If you >> literally want to pass the Directory object, I am not sure how passing >> the path is different except that you would have to know if this is >> temporary or permanent storage. > > If you use a sandboxed system like Caja you could imagine passing the > Directory and thereby not exposing any of the files higher in the > hierarchy. However, Caja could probably also work around this somehow > given different primitives. > > > -- > http://annevankesteren.nl/ >
Received on Friday, 19 July 2013 00:11:40 UTC