- From: Ian Hickson <ian@hixie.ch>
- Date: Thu, 26 Aug 2004 12:42:30 +0000 (UTC)
On Wed, 18 Aug 2004, Lachlan Hunt wrote: > > Ian Hickson wrote: > > File upload controls should never be stylable. If they were stylable, it > > would be too easy to trick users into uploading private files, by making > > them think they were normal text fields, for example. > > How exactly would it make it any easier for a user to be tricked into > selecting and uploading a private file if there was no visible browse button? > The user would just be forced to type the full path manually, rather than > selecting it with a GUI, so they would still no they were selecting a file. You'd be surprised how easy it is to trick users into typing things like that. For example: Q3. What is the path to a Linux system's password file? [ ] (( Submit Quiz )) -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Thursday, 26 August 2004 05:42:30 UTC