The spec should just say to not expose the full path by default. That way, browser makers can (not must or should or anything like that) provide a "I'll be the judge of that!" user option to override that globally or per-site if they want. -- Michael