[ANN] Stacks published on the Web
psahores at free.fr
Sun Aug 2 12:35:58 EDT 2009
Le 2 août 09 à 17:24, Colin Holgate a écrit :
> I don't think that the plugin should insist on asking the user for
> permission to load content from the web
My personal tought :
Yes, as long as this web contents can only interact with the user
without any local-filesystem access, but only as inside the plugin
runnable code and medias.
No, in any other cases.
> The way that Flash works with writing local content works well.
> Flash can, by default, write up to 100k of local data without asking
> for permission. The user can increase or decrease that at any time.
But in terms of real ability to fill very unfriendly code to the
client-side computer, 100 k is enought to kill anything of the local
file-system and even the hard-disk it-self by speeding it up until it
definitivelly crash via a 6ko sniplet. So, if 100 k is enought to kill
and hack anything, both, the Java or Flash security models are only
non-sense in anything else out of marketing considerations.
In my humble advice, as a real honest team, management and company,
RunRev know and does exactly what need to be done to protect the
client-side computer and i think for my own that they are just doing
the best of what need to be done.
On the other hand, i would appreciate to be able to avoid the display
of any local-file system access autorisation demand, each time i
purpose a plugin-app witch don't interact in any way with the local
file system (updating it-self via post, get, realtime video-streaming,
experience, this need for me, to be able to save its personal plugin's
preferences to my own server, instead of in writing them to its local
"Mes deux centimes d'Euro" ;-)
mobile : 06 03 95 77 70
More information about the Use-livecode