[Webkit-unassigned] [Bug 38876] New: User paths exposed on file drop
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon May 10 17:24:06 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=38876
Summary: User paths exposed on file drop
Product: WebKit
Version: 528+ (Nightly build)
Platform: PC
OS/Version: Mac OS X 10.5
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: New Bugs
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: dcheng at chromium.org
CC: mjs at apple.com, sam at webkit.org, abarth at webkit.org,
noel.gordon at gmail.com, rolandsteiner at chromium.org,
eseidel at chromium.org
User paths exposed on file drop
Sam seemed concerned on #webkit that this was a user privacy violation. I'm not sure that it is (what do paths really matter?), but we certainly seem to take care not to expose them in other places (like the File object or on input.value).
This is a clone of https://bugs.webkit.org/show_bug.cgi?id=25882, which was changed to be Chromium-specific. It was closed since the Chromium port has been partially patched to address this issue, but the fix was not perfect, since paths are still exposed when dropping on an editable area.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list