[Owncloud] Bug report

Frank Karlitschek frank at owncloud.org
Sun Nov 25 21:46:35 UTC 2012 

On 25.11.2012, at 22:24, Simon Brereton <simon.buongiorno at gmail.com> wrote:

> Do you have a link for that assertion?
> 
> http://arstechnica.com/security/2012/10/firefox-16-vulnerability-attack-code-available-online/
> 
> It would seem to me that Javascript is still an issue.

That was a Firefox bug that is already fixed.


>  Cookies may not present a security issue, but a privacy one, and unless you're prepared to undergo a lot of effort allowing them on a per-site basis is a lot of work most people baulk at.

ownCloud is using only session cookies that are automatically removed when you close your browser and they are only send to ownCloud server. No privacy problem here.

Frank


> The more software on the internet works without cookies and without Javascript the safer the world is in general.
> 
> Simon
> 
> On Nov 25, 2012 12:11 PM, "Frank Karlitschek" <frank at owncloud.org> wrote:
> >
> > Hi Mikko,
> >
> > thanks for thew bug report.
> > Unfortunately we don´t plan to support browsers without support for cookies and javascript at the moment.
> > This would restrict our possibilities in the web interface significantly and would lead to a second completely different interface.
> >
> > (Session)-Cookies and javascript aren´t considered harmful or insecure nowadays. Most security people even think that having the session ID in the url is less secure than in a session cookie.
> >
> > Why do you think this is a problem?
> >
> > The problem with ogg files is a known limitation at the moment. I hope someone improves this in the future.
> >
> >
> > Frank
> >
> >
> >
> > On 25.11.2012, at 17:23, Mikko V. Viinamäki <Mikko.Viinamaki at students.turkuamk.fi> wrote:
> >
> > > Hi!
> > >
> > > Since I don't have a github account... I noticed the web interface fails silently in case you don't allow cookies and same if you don't allow JavaScript. Also, this .ogg file was not added onto the music tab in the interface http://commons.wikimedia.org/wiki/File:BedBugs%26SaltyDog.ogg I wonder why?
> > >
> > > Besides that, owncloud's looking pretty slick!
> > >
> > > Mikko
> > > _______________________________________________
> > > Owncloud mailing list
> > > Owncloud at kde.org
> > > https://mail.kde.org/mailman/listinfo/owncloud
> >
> > _______________________________________________
> > Owncloud mailing list
> > Owncloud at kde.org
> > https://mail.kde.org/mailman/listinfo/owncloud

More information about the Owncloud mailing list