[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Re[2]: Printing from JS

Brian Karlak wrote:

> The same method could be used for client file read/writes as well . . . "Click
> here to save this page to your disk" would bring up a file dialog.  User
> control of file path, etc = no security risk, right?  (i think so, at least . .
> .)
> Brian

Not a good idead, because then Netscape would have to incorporate a Virus 
scanner in their product. Sure you might think your saving a secure text 
file. But beleive-me, Viruses have an amazing way to get around such 
things. Besides, Netscape already has a "save as" incorporated for Saving 
a copy of the web page. Would you really want to save another type of 
file to your disk? Not me!!! I always check the source "View Document 
source" before saving it to disk! First of all: for anything 
interresting. And second: If any weird stuff has been done by the Author.

sure, a dialog would prevent a user from saving unwanted files. But the 
problem is a user may be convinced by the Web page author into thinking 
this is safe, and BAM!!! instant virus on your disk. A virus could be in 
a Java Applet or anything else. Hey, if people can send Viruses through 
E-Mail (remember the "Good Times" E-Mail virus?), someone will surely 
find a way to make one with Java Applets or JavaScript.

Christian Lanctot
e-mail: kristian@generation.net
Web   : http://www.generation.net/~kristian/
For help about the list, please send a message to 'majordomo@obscure.org'
with the message body 'help'. To unsubscribe, send a message to
'majordomo@obscure.org' with the message body 'unsubscribe javascript'.
List archives and pointer to FAQ: http://www.obscure.org/javascript/