[whatwg] Proposal: API to ask the user for a file

[Ian Hickson]

On Mon, 29 Apr 2013, JC wrote:
>
> So far the only way to ask a user to select a file (e.g. to upload an 
> attachment in a mail client) without showing the ugly "file input" UI is 
> to create one of these elements, hide it somehow, and invoke the "click" 
> method on it and listen for the "changed" event.

You can also just accept a drag-and-dropped file.

Having the <input type=file> UI hidden is probably not supposed to be 
possible (though it's hard for us to stop it), because it means you can 
trick people into clicking the button and bringing up the dialog, which 
can, if you know what browser/OS they're using, let you in some cases 
trick them into uploading a particular file. (It's gotten harder with 
browsers going away from allowing arbitrary text input into that 
control, though, so this might no longer be that big a deal.)


> The minimum requirements would be to be able to provide a string for the 
> dialog title, a string for the accepted mime types and a boolean to 
> specify whether multiple files can be selected at once, the return value 
> would be a FileList object [1]. This is essentially the same 
> functionality offered by the existing file input element [2] with the 
> only addition of a title for the dialog.

We could maybe do this if browser vendors are comfortable with it... it's 
definitely something we want to be really careful about, though. For 
example, we don't want to set up a situation where a site can trigger a 
download of a sensitive file (e.g. bank account details) and then trick 
the user into uploading it by asking the user to "Select the file you want 
to protect from uploading" or "For debugging purposes, select the newest 
file in this directory, which is a log file we just generated".

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'