| Line 40: | Line 40: | ||
** ''Origin'' -- The URI exposes where the data come from | ** ''Origin'' -- The URI exposes where the data come from | ||
** ''File Name'' -- The path or filename in the URI may give some indication of its contents (e.g, "http://witehouse.gov/Bin_Laden_Determined_to_Attack_Inside_US.doc") | ** ''File Name'' -- The path or filename in the URI may give some indication of its contents (e.g, "http://witehouse.gov/Bin_Laden_Determined_to_Attack_Inside_US.doc") | ||
** | ** ''Credentials'' -- URI may contain a username and/or password | ||
* '''POST''' | * '''POST''' | ||
** ''File Contents'' -- It is obviously the user's intent to expose the file contents... however they may have set a default web app for a file type for personal data and then later click to open a sensitive document, forgetting that it will get sent to that web app. | ** ''File Contents'' -- It is obviously the user's intent to expose the file contents... however they may have set a default web app for a file type for personal data and then later click to open a sensitive document, forgetting that it will get sent to that web app. | ||
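Review bot: The added ''Credentials'' bullet (right-hand column, between ''File Name'' and '''POST''') does not say where in the URI the username or password would sit. A reader cannot tell whether it means the userinfo part before the host (user:password@host), query-string parameters, or both. Suggest naming the component and matching the sibling bullets, which open with "The": for example, "The URI may contain a username and/or password, in the userinfo part or in the query string". An example URI in parentheses, as the ''File Name'' bullet has, would also help.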