[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: Enable Java by default ?
From:       Holger Schurig <holgerschurig () gmx ! de>
Date:       2001-02-10 8:41:15
[Download RAW message or body]

> ... and he did a great job. However, we had another reason to have
> Java and JS disabled by default: Nobody can claim that Konqueror is
> "insecure by default". Such statements tend to appear after a
> security bug is found in any webbrowser or (even worse) in khtml
> itself. So its not only for safty but also for PR reasons.

Why not make a dialog for both JS and Java similar to the 
cookie-dialog?   If it is set to "ask" when you surve to a 
website with java (or more often, to a Javascript site) you get a 
dialog   "Allow always" (with a proper security warning), "Allow only 
this time", "Disallow always", "Disallow only this time". Where "this 
time" would have to mean "during the execution of this instance of 
Konquerer, but on all pages on this domain" or something like that.

That would give

- security by default
- awareness of the problem (because of the security warning)
- more user-friendlyness (currently the way to enable JS for a
   sucking site that does not work without is very tedious and
   error-prone because of potential mistypings)
- orthogonality, because JS, Java and Cookies behave similar

However, the security-awareness message would be new, so not very much 
liked by translators ...

[prev in list] [next in list] [prev in thread] [next in thread]