On Tue, Sep 22, 2015 at 7:07 AM, Jonas Sicking <jo...@sicking.cc> wrote:
> > On Sep 21, 2015 11:57, "Eric Rescorla" <e...@rtfm.com> wrote: > > > > On Mon, Sep 21, 2015 at 11:23 AM, Jonas Sicking <jo...@sicking.cc> > wrote: > >> > >> Note that this, similarly to clipboard integration, is already exposed > >> to the web through flash. So the main goal of this feature is to > >> enable developers to migrate off of flash and instead use Gecko. > > > > > > I'm not sure that this is the right standard. The reason that we are > removing > > Flash is that people are sad about some things in Flash. So I think we > need > > to replicate enough of Flash to get people to stop using it, but that > doesn't > > mean we need to have it be bug-for-bug compatible with every feature > Flash > > has, including features we think are bad. > > There are spec drafts written for most of this feature, with remaining > parts on the way. > To the extent to which you're referring to: https://wicg.github.io/directory-upload/proposal.html I find it notable that it does not contain any security section, or to the extent I can determine, even the word "security". The api has been extensively discussed with all browser vendors and has > changed substantially in response to this > Can you please point me to those changes and to the security analysis? -Ekr _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
