On Wed, 19 Sep 2012, Adam Barth wrote:
On Wed, Sep 19, 2012 at 1:46 PM, James Graham <jgra...@opera.com> wrote:
On Wed, 19 Sep 2012, Edward O'Connor wrote:
Olli wrote:
I think we should discuss about moving File API: Directories and
System API from Recommendation track to Note.
Sounds good to me.
Indeed. We are not enthusiastic about implementing an API that has to
traverse directory trees as this has significant technical challenges, or
may expose user's path names, as this has security implications. Also AIUI
this API is not a good fit for all platforms.
There's nothing in the spec that exposes user paths. That's just FUD.
I was thinking specifically of the combination of this and Drag and Drop
and this API. I assumed that at some level one would end up with a bunch
on Entry objects which seem to expose a path. It then seems that then a
user who is tricked into dragging their root drive onto a webapp would
expose all their paths.
It is quite possible that this is a horrible misunderstanding of the spec,
and if so I apologise. Nevertheless I think it's poor form to immediately
characterise an error as a deliberate attempt to spread lies.
In any case my central point remains which is that would support this spec
moving off the Rec. track at this time.
