- From: Glenn Maynard <glenn@zewt.org>
- Date: Thu, 2 Jun 2011 15:58:05 -0400
On Thu, Jun 2, 2011 at 3:32 PM, Michal Zalewski <lcamtuf at coredump.cx> wrote:

>> I don't think the issue raised was about getting people to save files,
>> though. If you can get someone to click a link, you can already point
>> them at something that sets the HTTP C-D header.
>
> The origin of a download is one of the best / most important
> indicators people have right now (which, by itself, is a bit of a
> shame). I just think it would be a substantial regression to make it
> possible for microsoft.com or google.com to unwittingly serve .exe /
> .jar / .zip / .rar files based on third-party markup.
>
> Firefox and MSIE display the origin fairly prominently, IIRC; Chrome
> displays it in some views. But deficiencies of current UIs are
> probably a separate problem.

Firefox displays it in a small, unimportant-looking piece of text inside a busy dialog; I never even consciously noticed it until I looked for it. For me, Chrome doesn't say anything; when I click an .EXE it saves it to disk without asking (maybe I changed a preference somewhere--that seems like an unlikely default).

When I download a file, I decide whether to trust "dangerous" file types based on who's telling me to download it--that is, based on the site linking the file, not the site hosting it. I'd strongly suspect that more people look at who's linking the file (e.g. where they were when they clicked the link), and that very few people examine the "from:" text in the save-as dialog.

Either way, again this is something that can be dealt with in UI, for example by displaying the source URL as the source of the download rather than or in addition to the domain hosting the file when this attribute is used. It's a weak argument against this feature.

--
Glenn Maynard
Received on Thursday, 2 June 2011 12:58:05 UTC
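The quoted exchange turns on the point that, without the `download` attribute, only the hosting origin can force a file to be saved, by sending an HTTP `Content-Disposition: attachment` header. The following is an added example, not code from either poster or from any browser; it shows the server side of that arrangement: how a hosting origin emits the header, and how it sanitizes an untrusted filename so the header cannot be split or pointed at a path. The handler class, the `PAYLOAD` constant and the port number are constructed for the demonstration.

```python
"""Emit a safe Content-Disposition: attachment header (RFC 6266 / RFC 5987).

Added example constructed for this thread. The hosting origin decides the
suggested filename; the client-supplied name is treated as untrusted input.
"""
import re
import unicodedata
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import quote, unquote

# Never allowed in a suggested filename: control bytes (incl. CR/LF, which
# would split the header), quotes and backslashes (which would break the
# quoted-string), and path separators / drive colons.
_FORBIDDEN = re.compile(r'[\x00-\x1f\x7f"\\/:]')


def sanitize_filename(name: str, fallback: str = "download") -> str:
    """Reduce an untrusted filename to a single, harmless path component."""
    name = unicodedata.normalize("NFC", name)
    name = _FORBIDDEN.sub("", name)
    # Remove directory hops, then leading/trailing dots and spaces
    # (a bare "." or ".." must not survive as a filename).
    name = name.replace("..", "").strip(" .")
    return name or fallback


def content_disposition(filename: str) -> str:
    """Header value with an ASCII fallback and an RFC 5987 filename* parameter."""
    safe = sanitize_filename(filename)
    # Legacy clients read filename=; keep it pure ASCII.
    ascii_part = safe.encode("ascii", "ignore").decode("ascii") or "download"
    # Modern clients prefer filename*; percent-encode everything outside the
    # RFC 5987 attr-char set (letters, digits and !#$&+-.^_`|~).
    encoded = quote(safe, safe="!#$&+-.^_`|~")
    return 'attachment; filename="%s"; filename*=UTF-8\'\'%s' % (ascii_part, encoded)


class AttachmentHandler(BaseHTTPRequestHandler):
    """Minimal hosting origin: every GET is served as a forced download."""

    # Constructed payload; a real server would read the requested file.
    PAYLOAD = b"hello from the hosting origin\n"

    def do_GET(self):
        # The suggested name comes from the request path: untrusted input.
        requested = unquote(self.path.split("?", 1)[0].rsplit("/", 1)[-1]) or "file.txt"
        self.send_response(200)
        self.send_header("Content-Type", "application/octet-stream")
        self.send_header("Content-Disposition", content_disposition(requested))
        self.send_header("Content-Length", str(len(self.PAYLOAD)))
        self.end_headers()
        self.wfile.write(self.PAYLOAD)


if __name__ == "__main__":
    # Constructed bind address for local testing only.
    HTTPServer(("127.0.0.1", 8080), AttachmentHandler).serve_forever()
```

Run the module and fetch any path such as `/report.pdf`; the response carries the `Content-Disposition` header built above, so the decision that the resource is an attachment, and what it is called, rests with the origin that serves the bytes rather than with whoever linked to it.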