[whatwg] Can we deprecate alert(), confirm(), prompt() ?

Biju bijumaillist at gmail.com
Mon Mar 5 19:34:15 PST 2012

Today I again landed on a malicious site which trap users using
alert/confirm to download some application.


(or go it by http://snipurl.com/22hv8zh )

I landed there when I got redirected from.
I think that page is hacked as its links and contents is not same as
other regular page at http://ndia-tvc.org/

Also I feel if download is not triggered by CLICK event browsers
should not prompt user to download content that not HTML/JPG/PNG.


On 6 February 2012 19:03, Ian Hickson <ian at hixie.ch> wrote:
> On Tue, 10 Jan 2012, Ojan Vafai wrote:
>> The only complaint I'm aware of is in http://crbug.com/97206. The bug
>> comments are confusing. The primary issue there is WebKit not firing
>> beforeunload/unload from frames in some cases, but there is one comment
>> about code that calls "confirm" from unload handlers followed by a sync
>> XHR to save data that now breaks.
> I've specced this (it's optional for now). I didn't check how closely what
> I specced matches Chrome.
> --
> Ian Hickson               U+1047E                )\._.,--....,'``.    fL
> http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
> Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

More information about the whatwg mailing list