[whatwg] Drag-and-drop folders/files support with directory structure using DirectoryEntry
glenn at zewt.org
Tue Nov 15 18:42:50 PST 2011
On Tue, Nov 15, 2011 at 9:37 PM, Zac Spitzer <zac.spitzer at gmail.com> wrote:
> any thoughts about minimising the security implications on this?
> it makes it extremely easy to jump on a machine, open a browser page,
> select a sensitive folder and upload it all to a remote server
It's meaningless to try to secure against a hostile local user at this
level. The attempt will be a cost to everyone, and it's a battle you're
going to lose.
More information about the whatwg