RE: Important to disable scripting in IE again. from Derek Featherstone on 2004-06-14 (w3c-wai-ig@w3.org from April to June 2004)

From: Derek Featherstone <feather@wats.ca>
Date: Mon, 14 Jun 2004 08:28:57 -0400
To: <w3c-wai-ig@w3.org>
Message-ID: <002d01c4520b$2b3380d0$fe01a8c0@faottcan001>

Kurt wrote:
> Are you suggesting that users should deny themselves
> access to a large part of the web because of the extremely
> small chance of being exposed to this cross-domain
> vulnerability?

I'd argue that the users aren't denying themselves access, rather, it is the
site author who is denying the users access. Given that turning scripting
off is a valid choice for dealing with these vulnerabilities, we need to
ensure that things "work" when scripting is off as well. I'm all for
enhancing things when scripting is enabled, but at least basic functionality
should be available with it off.

Best regards,
Derek.
--
Derek Featherstone  feather@wats.ca
phone: 613.599.9784;   toll-free: 1.866.932.4878 (North America)
Web Accessibility Specialist / Co-founder of WATS.ca
Web Accessibility Testing and Services http://www.wats.ca

Received on Monday, 14 June 2004 08:34:19 UTC