Charles Iliya Krempeaux
supercanadian at gmail.com
Wed Aug 11 19:14:05 PDT 2010
On Thu, Jul 22, 2010 at 1:46 PM, Adam Barth <w3c at adambarth.com> wrote:
> On Thu, Jul 22, 2010 at 1:41 PM, Aryeh Gregor <Simetrical+w3c at gmail.com<Simetrical%2Bw3c at gmail.com>>
> > On Thu, Jul 22, 2010 at 4:32 PM, Luke Hutchison <luke.hutch at mit.edu>
> >> There is no legitimate reason that non-developers would need to paste
> >> should be disabled by default on all browsers.
> > of fun and useful things. Also fun but not-so-useful things, like:
> > (Credit to johnath for that one. Repeat with 0 instead of 180deg to
> > undo.) You can do all sorts of interesting things to the page by
> > obviously security problems here too, but "no legitimate reason" is
> > much too strong.
> We could allow bookmarklets without allowing direct pasting into the
> URL bar. That would make the social engineering more complex at
Would a pop-up warning be sufficient, rather than disallowing it?
For example, if I write the following URL into Firefox...
... Firefox will pop-up a modal dialog box with the following message...
> You are about to log in to the site "49research.com" with the username
> "charles", but the website does not require authentication. This may be an
> attempt to trick you.
> Is "49research.com" the site you want to visit?
> [yes] [no]
to (after the user presses enter).
Charles Iliya Krempeaux, B.Sc.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the whatwg