[whatwg] [WF2] form submission protocols and methods
Alexey Feldgendler
alexey at feldgendler.ru
Mon Dec 19 20:53:17 PST 2005
On Tue, 20 Dec 2005 08:01:27 +0600, Maciej Stachowiak <mjs at apple.com>
wrote:
> I don't think reading /dev/mouse will specifically do anything bad, but
> I see your point. For file: in file: inclusion I think it would be wise
> to exclude certain system paths such as /dev and /etc. I think this may
> be done already.
I've just tried on my Opera for Linux. Opeing file:///dev/input/mice
(that's what I have instead of /dev/mouse) simply produces a blank page.
But opening file:///dev/random causes Opera to stop responding to UI.
I think it's the responsibility of the browser developer to know what
file: resources of the local OS are dangerous, and to avoid opening them.
For example, on Linux it would be a safe bet to avoid opening anything
than regular files (i.e. character specials, block specials, fifos etc).
-- Opera M2 9.0 TP1 on Debian Linux 2.6.12-1-k7
* Origin: X-Man's Station at SW-Soft, Inc. [ICQ: 115226275]
<alexey at feldgendler.ru>
More information about the whatwg
mailing list