While it's unlikely that screen resolution will go above 2x in the near future,
should we be taking into account the zooming of specific elements that might
result in the need for larger artwork? (take icons, that can scale all the way
up to 512px or above)
On 13/08/2012, at 5:39 PM, Henri
standardized).
Am 02.08.2011, 12:30 Uhr, schrieb Anne van Kesteren ann...@opera.com:
On Tue, 02 Aug 2011 12:21:31 +0200, Dennis Joachimsthaler
den...@efjot.de wrote:
[...]
The X-Frame-Options header addresses this if I understand the concern
correctly.
Am 02.08.2011, 12:38 Uhr, schrieb Anne van Kesteren ann...@opera.com:
On Tue, 02 Aug 2011 12:33:18 +0200, Dennis Joachimsthaler
den...@efjot.de wrote:
I took a look at the X-Frame-Options and it only disallows displaying
in a frame, not forbidding only script access.
What kind of script
Am 02.08.2011, 13:00 Uhr, schrieb Anne van Kesteren ann...@opera.com:
On Tue, 02 Aug 2011 12:48:06 +0200, Dennis Joachimsthaler
den...@efjot.de wrote:
Say, there's a site which uses an autologin facility to automatically
log their users in when the site is opened.
Malicious guy #1 prepares
Am 02.08.2011, 13:12 Uhr, schrieb Anne van Kesteren ann...@opera.com
If users cannot trust their userscripts and addons (provided they can do
unsafe things) they have lost already.
True. We do not make standards solely to protect inexperienced users.
Thank you for your insight on this
Hello Alex,
may I ask: Why? This would only cover a few cases of cross-site-scripting
attacks. It would not make a website more secure.
As to the suggestion, I have one little concern: It should not be possible
to WRITE those SecurePassword values. You only wrote reading...
Also it would
How about deleting the value if the input type is changed away from the
secure password input type AND that the secure password can only be
submitted to a similar URI.
Am 10.07.2011, 12:44 Uhr, schrieb Alex Vincent ajvinc...@gmail.com:
On Sun, Jul 10, 2011 at 3:21 AM, Michal Zalewski
Hello,
Opera, for example, requires you to hit the wand or login button before
it even does any autocompletion.
I wish all browsers would implement it like this instead of just... Filling
it out before the user can interact. Makes reading easy.
Am 10.07.2011, 21:17 Uhr, schrieb Michal
Am 03.06.2011, 15:16 Uhr, schrieb Eduard Pascual herenva...@gmail.com:
On Fri, Jun 3, 2011 at 2:23 PM, Dennis Joachimsthaler den...@efjot.de
wrote:
This grants the ability for any content provider to use an explicit
Content-Disposition: inline HTTP header to effectively block
download links
Am 03.06.2011, 10:23 Uhr, schrieb Eduard Pascual herenva...@gmail.com:
On Thu, Jun 2, 2011 at 10:09 PM, Dennis Joachimsthaler den...@efjot.de
wrote:
By the way, another point that we have to discuss:
Which tag should a browser favor. The one in HTTP or the other one in
HTML?
Is that really
Am 02.06.2011, 21:58 Uhr, schrieb Glenn Maynard gl...@zewt.org:
On Thu, Jun 2, 2011 at 3:32 PM, Michal Zalewski lcam...@coredump.cx
wrote:
I don't think the issue raised was about getting people to save files,
though. If you can get someone to click a link, you can already point
them at
Hi Boris,
Am 26.05.2011, 20:15 Uhr, schrieb Boris Zbarsky bzbar...@mit.edu:
On 5/26/11 2:06 PM, Dennis Joachimsthaler wrote:
I believe it forces the extension to match the MIME type; if the type
text/plain the saved filename will be
Important_Security_Update.exe.txt.
Ah, alright
Am 26.05.2011, 21:08 Uhr, schrieb Boris Zbarsky bzbar...@mit.edu:
Yes, that's the one saving grace. Usually is key, though.
Usually, damn.
There is little practical difference for the user between running a
binary and running a perl script, and sneaking in a text file with a .pl
, yep... If browsers implement the filename (+ extension) name changing
we should make it a MUST to implement security...
- Dennis Joachimsthaler
Am 26.05.2011, 22:58 Uhr, schrieb Julian Reschke julian.resc...@gmx.de:
On 2011-05-26 22:54, Dennis Joachimsthaler wrote:
Am 26.05.2011, 22:53 Uhr, schrieb Boris Zbarsky bzbar...@mit.edu:
Probably no one, to a first approximation, but we were specifically
talking about non-Windows systems
Am 08.12.2010, 23:09 Uhr, schrieb Aryeh Gregor simetrical+...@gmail.com:
On Wed, Dec 8, 2010 at 2:47 PM, Alex Komoroske komoro...@chromium.org
wrote:
=visibilitychanged=
A simple event, fired at the document object immediately after
document.visibility transitions between visibility states.
Am 07.12.2010, 10:13 Uhr, schrieb Julian Reschke julian.resc...@gmx.de:
It would be great if those scripts could just get fixed.
Do you actually think that would HAPPEN? I think not. Better have people
get
rid of them entirely. Though that wouldn't happen either.
I'm still all for such a
Am 10.11.2010, 17:03 Uhr, schrieb Ian Hickson i...@hixie.ch:
On Wed, Nov 10, 2010 at 1:55 AM, Dennis Joachimsthaler den...@efjot.de
wrote:
Yes. This is disgraceful.
Am 10.11.2010, 10:02 Uhr, schrieb Alexandre Morgaut
alexandre.morg...@4d.com:
Please ban this spammer
Done. Sorry everyone
Yes. This is disgraceful.
Am 10.11.2010, 10:02 Uhr, schrieb Alexandre Morgaut
alexandre.morg...@4d.com:
Please ban this spammer
On Nov 10, 2010, at 9:20 AM, Alexandre Гоннов wrote:
HD Video: http://agasearch.info/?full-hd-video.avi
Mirror 1:
Am 26.09.2010, 21:43 Uhr, schrieb Ian Hickson i...@hixie.ch:
On Sun, 26 Sep 2010, den...@efjot.de wrote:
That's unnecessary; I guarantee that I will read and reply to every
e-mail sent to this mailing list that provides new feedback. All
pending e-mails are tracked here:
Am 28.09.2010, 01:01 Uhr, schrieb timeless timel...@gmail.com:
tl;dr of my previous post: it's impossible to know how much memory is
available in the future.
How much memory you're currently using is something that /could/
probably be provided in the near future. *However*, there might be a
This thread has in fact already received an official reply:
I am sorry, I didn't recognize you were one of the managers here.
I should've read more.
http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2010-August/028148.html
That e-mail received a reply that I haven't responded to yet:
Hello,
I do currently wonder, after a lot of hours of researching, if there is
any possibility to upload files with values through XMLHttpRequest?
The XmlHttpRequest just ends the request after the first send.
There should be a more thought out API for multipart/form-data since we
have
Am 17.09.2010, 20:46 Uhr, schrieb Anne van Kesteren ann...@opera.com:
On Fri, 17 Sep 2010 20:41:19 +0200, Dennis Joachimsthaler
den...@efjot.de wrote:
(Or, any knowledge how it is done today? I can't find
anything about it! Crazy.)
Of course:
http://dev.w3.org/2006/webapi/XMLHttpRequest
Am 17.09.2010, 20:56 Uhr, schrieb Dennis Joachimsthaler den...@efjot.de:
Am 17.09.2010, 20:46 Uhr, schrieb Anne van Kesteren ann...@opera.com:
On Fri, 17 Sep 2010 20:41:19 +0200, Dennis Joachimsthaler
den...@efjot.de wrote:
(Or, any knowledge how it is done today? I can't find
anything
Jeremy Keith jer...@adactio.com wrote:
Dennis wrote:
...
Hang on... isn't the mechanism for this already available via the type
attribute?
For example:
a href=/path/to/image.jpg type=image/jpegFull size image/a
That wouldn't help in this case...
A browser could offer a preference
Ben Schwarz ben.schw...@gmail.com wrote:
I'm really not too sure what pre-existing problem this actually solves.
Given that a server sets the correct mime-types for a given resource, we
know what type it is already.
Yes, since we don't want to set MIME-Types. I want to be able to set
what a
Kornel Lesiński kor...@geekhood.net wrote:
On 2 Aug 2010, at 17:21, Michael Kozakewich wrote:
I agree that it's not good to force users in general. However, this
attribute can be implemented only as a hint for browsers to display
Open/Save dialog. Users wouldn't be forced to download the
Hello,
I have an idea which would be very cool for HTML5.
Having a Content-Disposition property on a tags which does the same as
the HTTP Header.
For example changing the file name of the file to be downloaded or rather
have a image
file download rather than it being shown in the browser
The purpose of all the new tags, is so the machine can figure out what is NOT
main content, and assume everything else is. With proper use of sectioning and
aside as well as header and footers this can be mostly achieved today.
On 4/06/2010, at 5:39 PM, Daniel Persson wrote:
I am not
isn't really an option. Someone tell me if I'm
wrong on that though, I'm just a designer :)
--
Steve Dennis
www.subcide.com
. Saying why bother? about all
the broken sites on the web totally defeats the purpose of what everyone here's
trying to achieve.
--
Steve Dennis
www.subcide.com
lots of
us will look back on sprites the same way we see spacer.gifs, which were a
necessary evil at the time.
- Steve Dennis
Yes, this is using the img as a layout tool. Specifically, you're
using the img to avoid specifying width and height in CSS, and
to enable further layout hacks
33 matches
Mail list logo
