On Mon, 30 Dec 2002 12:16:43 +0100 [EMAIL PROTECTED] (Richard Menedetter) wrote:
Hi Samuel! > 23 Dec 2002, "Samuel W. Heywood" <[EMAIL PROTECTED]> wrote: > SH> As most of you all know, Arachne and other normal internet browsers > SH> do not come with the totally unecessary and undesireable feature of > SH> having a "browser upload" function like the one that is incorporated > SH> into the bloatware browsers MSIE and NetScape. > first how many NORMAL browsers do you know that do NOT incorporate this > trivial feature ? > second it is not only incorporated into MSIE and NS, but also into mozilla, > netscape, lynx ........................ I have not found such a feature in Opera. Lynx386 doesn't have it. The Phoenix browser, being a compact version of Mozilla doesn't have it. The earlier versions of NetScape and MSIE did not have it. In the early days of NetScape and MSIE people were doing FTP. > SH> When I write to the web site tech support people to ask if I can > SH> simply do FTP instead, they answer with a resounding "NO". > too much work for them. > They need to set up a FTP server with write rights for all accounts they have. > and furthermore FTP is pure CRAP. (the protocol is badly designed, and there > are many security risks in the FTP daemons.) Are the security risks with FTP any greater than with Telnet? With FTP and with Telnet you have to send your password in the clear. > SH> Why can't you simply do FTP instead of doing "browser upload"? > SH> The techies say you can't do it, but they refuse to explain why. > The 2 are completely independant. > The webapplications often use PHP (or similar scripting language) to do the > work. There a HTTP upload is trivial ... and you can restrict it to already > authenticated sessions. > If you want to use FTP, than you have to set up a FTP server (and therefor open > up a big security hole), and furthermore you need to solve the authentication > problem, and you need to solve how the web application gets the filename. SH> Isn't plain old ordinary FTP still the standard and normal and SH> most universally acceptable method for transferring files? > NO !!!!!!!!!!!!!!!!!!!!! > FTP uses cleartext authentication ... therefor it MUST NOT be used for anything > other than anopnymous access. > But it still is used for distributing software via anonymous FTP. > Don't mix these 2 issues. I use SFTP for servers which allow it. SFTP encrypts the password. > SH> Another question: Why did the developers of MSIE and NetScape even > SH> ever want to incorporate a "browser upload" feature? > Because it is VERY handy. > SH> This is certainly not a feature that any normal browser should have. > in your oppinion. > Mine is different :) > SH> This kind of feature certainly is not needed. It serves only to make > SH> the browser more bloated and to run more slowly. > The implementation is not hard, and everybody has another definition of bloat. > This trivial and useful feature is sure not bloat for me. Until after having considered all your thoughts on this matter I used to think of the incorporation of the HTTP upload feature as just another plot to increase browser bloat. Hence the reason for my question. Thanks for your opinions. > SH> Sam Heywood > CU, Ricsi > PS: Michael we are talking about pre mozilla netscapes :)) > Netscape 3 and 4 are older than mozilla ... :) Sam Heywood -- Message sent by Net-Mail Pro (DOS). See http://www.nettamer.net/xagent.html
