Scott Shattuck wrote:
> I'm not trying to be difficult, far from it. I'm just trying to truly
> understand where you see things headed in this regard.

It's still in flux, but there's a general goal to not have ways for sites to
have expanded privileges. If you have use cases that require those, I'd love to
see the details (in private mail) so that we can make sure that we continue
addressing those use cases....

> Recent Mozilla builds have actually
> started to fail to work with this approach because in my case the
> top-level index.html file loads a frameset document containing a
> javascript file which does the real work of booting the application and
> that lower-in-the-directory-structure js file's location appears to be
> used as the root of the "accessible file tree" rather than the original
> index.html file used to launch the application.

Odd. Please file a bug?
And please make sure that you're using the latest pre-rc1 builds; this area of
code has seen a lot of change in the near past, as I said.

> What I'm hearing in this thread is that you're suggesting this will get
> worse -- perhaps to the point that it will stop working altogether.

Possibly, yes. Again, it's hard to say without knowing what use cases you need
addressed...

> That file: urls launched in this fashion might not work due to an inability
> to somehow decide what's safe and what's not.

Well. A file:// URI writing the user's other files is not safe. Period. The
only question is whether it makes sense to allow users to permit such an unsafe
action.

> That I'll have had to have initially run the app from a local or remote web
> server

Or put the parts that require expanded privileges into an extension, say. But
yes, that would indeed require an install of the extension.

> (Scenarios, I might point out, which require precisely what my user community
> does not want

Again, I'd love a complete description of your requirements with regard to this
stuff.

> People are used to double-clicking on index.html, Mozilla is already
> breaking that model.

We shouldn't be, with current 1.9 builds. Please, please double-check on this.

> direction doesn't appear to be in the best interest of the end user
> who's got double-click hard-wired into their mouse hand.

The goal is to not make that double-click exploit them.
Or put another way, if they save a web page and then double-click to open it,
that should be safe. It should NOT allow that page to do anything it couldn't
do before, if at all possible.

-Boris