edbrowse-dev - development list for edbrowse
 help / color / mirror / Atom feed
From: Karl Dahlke <eklhad@comcast.net>
To: Edbrowse-dev@lists.the-brannons.com
Subject: [Edbrowse-dev]  a JS centric design
Date: Sat, 07 Nov 2015 11:33:39 -0500	[thread overview]
Message-ID: <20151007113339.eklhad@comcast.net> (raw)
In-Reply-To: <20151107161332.GB24590@toaster.adamthompson.me.uk>

Adam, thanks for your thoughts and concerns.
I posted because I realy do want to know.
Would like to hear from others as well.

At the surface I don't see anything a web page could do in my js centered model,
e.g. sticking variables in window.eb$, that it couldn't already do straight away
by fiddling with document.cookie or document.location or document.forms[0].action
or any of those things, so it seems all the same to me,
but as you say, correctly, we really have to give this
a lot of thought before taking even a small step in that direction.
Have to be convinced it won't open up any new loopholes.

I know what you mean about browser being the main point of entry
for hackers, though now it might be phishing emails.
Ten years ago my wife's Explorer was hijacked,
and she was looking at my web site which I wrote, and seeing all sorts of
hyperlinks that weren't there, links that I didn't put in,
links her hijacked browser was creating out of thin air,
to direct her to other websites.
Twas one of my biggest WTF moments.
It made me sick and she's never been on windows since,
which solves most of the problem but yes I know what you mean.

Karl Dahlke

  reply	other threads:[~2015-11-07 16:33 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-11-06 19:51 Karl Dahlke
2015-11-07 16:13 ` Adam Thompson
2015-11-07 16:33   ` Karl Dahlke [this message]
2015-11-07 22:23   ` Chris Brannon
2015-11-07 22:35     ` Karl Dahlke

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20151007113339.eklhad@comcast.net \
    --to=eklhad@comcast.net \
    --cc=Edbrowse-dev@lists.the-brannons.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).