Daniel P. Berrange wrote: > IMHO requesting support for a build flag to disable this ability to > remotely push executable code out to user's browser is not unreasonable,
I agree. There should be a single, properly documented build-time option to disable all current and future features that download and execute code without asking the user for explicit permission. If such an option doesn't exist, then I think the Fedora project should request one – and then use it. Any such feature should be strictly opt-in if it must exist at all (except for Javascript from the website being visited, because as much as I would like to make Javascript optional there's no chance of that happening at this point). Björn Persson
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
