- From: Dmitry Titov <dimich@google.com>
- Date: Mon, 25 Oct 2010 12:46:26 -0700
On Mon, Oct 18, 2010 at 11:28 AM, Drew Wilson <atwilson at google.com> wrote: > I believe it's a security feature. > > Imagine that you download foo.html into your C:/ - according to the logic > below, script running in foo.html should be able to read *any file on your > C:/ drive*. That seems scary to me. > > FWIW, chrome allows passing the --allow-file-access-from-files command line > flag to make it easier for developers to work locally without running an > HTTP server. > I wish it was an option for a tab (right-click on the tab -> "Allow File Access" or so), to make spontaneous hacking of a random html easier... > > -atw > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20101025/c040c05d/attachment.htm>
Received on Monday, 25 October 2010 12:46:26 UTC