Re: GRDDLing microformats with Greasemonkey

From: Alf Eaton <>
Date: Mon, 29 Aug 2005 23:11:33 +0200

On 29 Aug 2005, at 22:48, Stefano Mazzocchi wrote:

>> I'm worried that web pages would be able to silently post data to
>> Piggy Bank if the POST mechanism was allowed to happen in the
>> background. If POSTing loaded a page from within Piggy Bank with
>> a confirmation button (as the data import works now) that could
>> work.
> What I proposed above is even more than this: a post will have to
> be authenticated to go thru, this means that a browser will pop you
> for a login dialog (the one that normally you see on web sites) or
> it will return you a 'access denied' page.

It would have to give you the login dialog every time, otherwise once
you're authenticated a page could POST to your local bank using a
hidden iframe, or something like that, but I suppose having to click
an extra confirmation each time wouldn't be too much of a problem.

Received on Mon Aug 29 2005 - 21:07:38 EDT

This archive was generated by hypermail 2.3.0 : Thu Aug 09 2012 - 16:39:18 EDT