On Sat, Jun 25, 2011 at 22:14, Martin Pelikan <martin.peli...@gmail.com> wrote: > On Sat, Jun 25, 2011 at 07:44:50PM +0300, Alexey Suslikov wrote: >> Well... Having someone using your credit card to make pre-orders >> for you in restaurants "you might visit in the near future" (no kidding, >> see https://developer.mozilla.org/en/Link_prefetching_FAQ) sounds >> dangerous, not brilliant. > > You mean by reading other site's cookies? How do you use my credit card > number if I'm shopping at ebay which prefetches your site (for which the > ebay webmaster should be hung anyway) and the only thing you see is the > Referrer. What is the difference between automatic pre-loading and > simultaneous browsing for example? These bugs will always be in browsers > and one feature on top of that doesn't change a damn thing.
You didn't get it. The question here, do you want someone/something to make a decision for you? One can put a prefetch link on his page, making your browser to access some data with unknown access policy or license WITHOUT you even knowing about it. After job is done and your activity is logged, you are a copyright or policy violator. > > And even that page talks about having a knob for all this, which is why > this discussion started - let the user decide - if he thinks he knows > better, it's his choice. > > for Claudio: > Yes, it does use bandwidth. That's what bandwidth is for. And it's not > "browser decides", it's "web creator decides" and despite that it will This is why web has tons of websites with malicious javascript code - because that's what web sites are for :) Prefetching is damn good for attacks because user thinks "it is a part of html-some standard and super fast - it is good for me". Alexey
