[whatwg] Canvas - toTempURL - A dangerous proposal
Boris Zbarsky
bzbarsky at MIT.EDU
Fri Mar 27 16:44:14 PDT 2009
Charles Pritchard wrote:
> The drawback of this scheme is that Canvas can now write to a user's
> hard drive.
> A Denial of Service exploit could run toTempURL in an infinite loop,
> filling up the user's temporary files directory until the browser puts
> a stop to the silliness.
Even worse, doesn't this allow placement of known bytes in a known
location on the user's hard drive without the user's knowledge? That's
an excellent first step in an exploit; I would be loath to implement
something like that in a browser...
-Boris