W3C home > Mailing lists > Public > whatwg@whatwg.org > January 2011

[whatwg] Device Element

From: Glenn Maynard <glenn@zewt.org>
Date: Mon, 3 Jan 2011 17:28:44 -0500
Message-ID: <AANLkTimxoCz7K8gBXccz2UXQbwcrSXCYU7HuNQczC4yK@mail.gmail.com>
On Mon, Jan 3, 2011 at 4:45 PM, Diego Perini <diego.perini at gmail.com> wrote:
> You are correct, Firefox doesn't implement serial access by itself, it
> just let me use the OS directly (if security configuration
> restrictions are removed).

Please remember that HTML5 file access does not give you a
general-purpose serial API, regardless of whether you can access the
serial device.  Accessing block devices (including regular files) is
different from accessing character devices (eg. serial devices).
HTML5 file APIs assume files have properties of block devices
(seekable, with a meaningful size), and don't provide any of the
critical APIs for character devices: true nonblocking reads
(FileReader does async reads, which aren't the same thing);
notification when data is available (again, not the same as
FileReader's onprogress event).  And that's ignoring all of the
important nitty details of serial devices, like port speed and other

I suspect you're hitting far more "happens-to-work" with what you're
doing than you realize.

> So next question is why allow Adobe Flash and plug-ins in general to
> do that wildly and not allow others to have the same capability and be
> so paranoid about security when that is already broken by other means
> at higher levels ?

Flash is insecure, so HTML5 should be too?  Seriously?

Glenn Maynard
Received on Monday, 3 January 2011 14:28:44 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:29 UTC