W3C home > Mailing lists > Public > whatwg@whatwg.org > March 2012

[whatwg] Can we deprecate alert(), confirm(), prompt() ?

From: Biju <bijumaillist@gmail.com>
Date: Mon, 5 Mar 2012 23:34:15 -0400
Message-ID: <CAA0NmmQ6ET6dmNv2Cq_OEYhyz-yRYrFGpkjB8zUCXz-EPYMVMg@mail.gmail.com>
Today I again landed on a malicious site which trap users using
alert/confirm to download some application.

URL :
http://usaaccount2.com/?q=MzI1ODA0MTZEkBZYYoU0AEZuUVlSQUVaV0lWc05hc0NnenljeURJTABhOTNkNTY2M2YwNmI1OWIxZWI1NTEwYjE0ZDg1NjE0M2VkZGUzOTZkMjUwN2Q5M2NlYWI2Yzk5NzA5NjkxY2NlNjM0NTMzZmU4M2Q5ZDA5NgBEQWVCd1psR0pqRklrTFJIb1MxMzMwOTk3MzQzbVdPWU53SlBLbjc=

(or go it by http://snipurl.com/22hv8zh )

I landed there when I got redirected from.
http://ndia-tvc.org/jiamd_luncheon_18nov08/pages/letter-formation-worksheets
I think that page is hacked as its links and contents is not same as
other regular page at http://ndia-tvc.org/

Also I feel if download is not triggered by CLICK event browsers
should not prompt user to download content that not HTML/JPG/PNG.


Cheers
Biju


On 6 February 2012 19:03, Ian Hickson <ian at hixie.ch> wrote:
> On Tue, 10 Jan 2012, Ojan Vafai wrote:
>>
>> The only complaint I'm aware of is in http://crbug.com/97206. The bug
>> comments are confusing. The primary issue there is WebKit not firing
>> beforeunload/unload from frames in some cases, but there is one comment
>> about code that calls "confirm" from unload handlers followed by a sync
>> XHR to save data that now breaks.
>
> I've specced this (it's optional for now). I didn't check how closely what
> I specced matches Chrome.
>
> --
> Ian Hickson ? ? ? ? ? ? ? U+1047E ? ? ? ? ? ? ? ?)\._.,--....,'``. ? ?fL
> http://ln.hixie.ch/ ? ? ? U+263A ? ? ? ? ? ? ? ?/, ? _.. \ ? _\ ?;`._ ,.
> Things that are impossible just take longer. ? `._.-(,_..'--(,_..'`-.;.'
Received on Monday, 5 March 2012 19:34:15 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:40 UTC