Re: GRDDLing microformats with Greasemonkey
On 29 Aug 2005, at 22:48, Stefano Mazzocchi wrote:
>> I'm worried that web pages would be able to silently post data to
>> Piggy Bank if the POST mechanism was allowed to happen in the
>> background. If POSTing loaded a page from within Piggy Bank with
>> a confirmation button (as the data import works now) that could
>> work.
>>
>
> What I proposed above is even more than this: a post will have to
> be authenticated to go thru, this means that a browser will pop you
> for a login dialog (the one that normally you see on web sites) or
> it will return you a 'access denied' page.
It would have to give you the login dialog every time, otherwise once
you're authenticated a page could POST to your local bank using a
hidden iframe, or something like that, but I suppose having to click
an extra confirmation each time wouldn't be too much of a problem.
alf.
Received on Mon Aug 29 2005 - 21:07:38 EDT
This archive was generated by hypermail 2.3.0
: Thu Aug 09 2012 - 16:39:18 EDT