[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: comment on vicinties vs URIs

This page is part of the web mail archives of SRFI 59 from before July 7th, 2015. The new archives for SRFI 59 contain all messages, not just those from before July 7th, 2015.

felix winkelmann wrote:

- It should be apparent that generalizing this all to URIs brings with it
  some security issues

I don't see this.  I can see trouble if a Bad Guy gets an
application to look for a resource using a bad URI.  But how is this
different from getting an application to look for the resource using
a bad local path?  Consider in the case of a multi-user machine - and
99% of Windows machines are multi-user: the primary user, their family,
their spyware, their viruses ...

> - Even if an all-is-an-URI solution is to be found, I don't see why it > couldn't be compatible with the current (non-URI) draft.

Partly it's a matter of naming.  The term "vicinity" is unclear and
non-standard.  Plus if it is written purely for local files, some
issues and details will probably be awkward to generalize later.
Even if one is designing an API for local files, it is a good idea
to keep in mind at design time what issues might arise from
generalizing it.
	--Per Bothner
per@xxxxxxxxxxx   http://per.bothner.com/