HTML5 hole in major browsers... well, except for Firefox


Recommended Posts

So the browsers at risk don't follow the recommendations the standard says they should, kinda funny.

I wonder if IndexedDB would be susceptible to an attack like this.

Link to comment
Share on other sites

The glorious future of the mighty Flash killer. Welcome, welcome. We've been expecting you. With all your ridiculously stupid troubles, too.

I know! Flash have never EVER have holes and security faults!

...

...

...

Shall I continue?

Link to comment
Share on other sites

I know! Flash have never EVER have holes and security faults!

...

...

...

Shall I continue?

>missing the point of the post quoted entirely

Link to comment
Share on other sites

not trying to flame or anything, just my two cents....this serves to prove that nothing is flawless....instead of jumping the gun and trying to drop flash/flex and so on to adopt html5, one should wait until the platform matures enough and standards are set in stone.

Link to comment
Share on other sites

HTML5 isn't even a set standard yet chaps...

...and web storage is only at recommendation stage.

in other words...it's like complaining that is a house is cold before the builder has installed the doors and windows.

Link to comment
Share on other sites

^ Well, then perhaps we shouldn't have moved into this house yet... and set the old rented apartment ablaze with such a profound sensation of accomplishment? Gosh knows it may start to rain fish and the roof may not hold as well.

  • Like 3
Link to comment
Share on other sites

one should wait until the platform matures enough and standards are set in stone.

If the effected vendors had actually paid attention to the spec that specifically has recommendations to stop this from occuring, naturally this wouldn't of happened.

Props to Mozilla for actually paying attention.

Link to comment
Share on other sites

Mmm, yes.

Please, tell me more about how everyone should use Webkit instead of following open web standards. :whistle:

Given that the problem affects Trident and Presto as well that's a pretty stupid comment to make.

Link to comment
Share on other sites

Given that the problem affects Trident and Presto as well that's a pretty stupid comment to make.

No, you just think it's stupid because you're a "Google shill", to borrow your own terminology from other threads.

This not only proves that open web standards and adherence to them is important, but that having a single rendering/layout engine is a bad thing.

Link to comment
Share on other sites

So explain to me how it's Google's fault when Webkit (which Google do not actually make just FYI) is not the only browsing engine that is subject to the flaw?

Link to comment
Share on other sites

So explain to me how it's Google's fault when Webkit (which Google do not actually make just FYI) is not the only browsing engine that is subject to the flaw?

You need to read the OP and maybe find an email for Feross Aboukhadijeh, he is the one that discovered it.

Link to comment
Share on other sites

So explain to me how it's Google's fault when Webkit (which Google do not actually make just FYI) is not the only browsing engine that is subject to the flaw?

Wow. That's a dumb argument.

Link to comment
Share on other sites

So explain to me how it's Google's fault when Webkit (which Google do not actually make just FYI) is not the only browsing engine that is subject to the flaw?

Oh, so Webkit isn't the holy grail of openness that you made it out to be in the Opera thread after all? Or is it just because this doesn't work in Google's favour?

They ship Webkit in both binary and source form, they contribute to the Webkit project, and they were supposed to be the so-called "champions of the open web". So yes, they're just as much at fault for shipping a broken, non-standard implementation as Opera and MSFT.

Link to comment
Share on other sites

Funny how people twist your words here when you aren't prepared to sell your soul to Microsoft isn't it.

Chrome is open (ish, chromium), webkit is open. Never did I claim that software being open excludes it from carrying bugs or design faults. And given the other browsing engines it effects, it's clearly something that's common practice in the industry.

Link to comment
Share on other sites

Funny how people twist your words here when you aren't prepared to sell your soul to Microsoft isn't it.

Chrome is open, webkit is open. Never did I claim that software being open excludes it from carrying bugs or design faults. And given the other browsing engines it effects, it's clearly something that's common practice in the industry.

Because supporting open web standards means you're a Microsoft supporter, amirite? (Mozilla would of been far more apt)

You argued in favour of Webkit dominance, and now you don't even have the integrity to stick to your own words. Pathetic.

Link to comment
Share on other sites

Another misconception. I still think it would be good if they all worked towards the same goal instead of having to compete with each other, I also accept that no software, proprietary or open source is completely free from flaws. If you want to warble on about integrity how about putting your money where your mouth is and not twisting my words? ;)

Link to comment
Share on other sites

Another misconception. I still think it would be good if they all worked towards the same goal instead of having to compete with each other, I also accept that no software, proprietary or open source is completely free from flaws. If you want to warble on about integrity how about putting your money where your mouth is and not twisting my words? ;)

"Flaws"

You mean ignoring the large, red-backgrounded section of the localStorage spec that specifically warns about this "flaw"? Hah!

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.