Re: Firefox PDF download - strange behaviour.
On Mon, 17 Jan 2022, at 05:19, songbird wrote:
> you are right, but i just wanted to say that for some sites
> the behavior is to generate a unique file name if they find
> one that already exists with the same name and for other sites
> it is not. i think this is dependent upon the website designers
> and not firefox.
Are you saying that code on a webpage can interrogate my
file system to see whether certain files exist? I don't like the
sound of that.
A quick google found me:
https://developer.mozilla.org/en-US/docs/Web/API/File_System_Access_API
which seems to describe ways that Javascript can read and write
my files, and scan my directories (or will be able to when this
API is implemented).
There's not enough information, in my view, explaining how a
browser user can prevent that. It says - if I'm reading it right -
that it's secure because users are offered file pickers etc when
a file is to be opened or file-save dialogs when something is to
be created.
But one of the code examples describes getting a handle to a
directory and says if the directory doesn't exist yet it will be
created. That suggests that rogue code could create folders
on my system.
I think I also read that once the code has a handle to a directory
it can scan sub-directories as well.
--
Jeremy Nicoll - my opinions are my own.
Reply to: