[Owncloud] Bug report
Bernhard Posselt
nukeawhale at gmail.com
Sun Nov 25 21:22:31 UTC 2012
Owncloud doesnt work without JavaScript, therefore JavaScript is
mandatory (simple as that ;) ). As for cookies, try to use something
like
https://addons.mozilla.org/en-US/firefox/addon/cookie-monster/?src=search
On 11/25/2012 11:13 PM, Simon Brereton wrote:
> Yes - for this one site. Which I'd trust. But short of using owncloud in
> a separate browser I'm forced to accept ask session cookies just to
> accommodate the few I can trust.
>
> Ditto the Javascript.
>
> Simon
>
> On Nov 25, 2012 4:46 PM, "Frank Karlitschek" <frank at owncloud.org> wrote:
>>
>> On 25.11.2012, at 22:24, Simon Brereton <simon.buongiorno at gmail.com>
> wrote:
>>> Do you have a link for that assertion?
>>>
>>>
> http://arstechnica.com/security/2012/10/firefox-16-vulnerability-attack-code-available-online/
>>> It would seem to me that Javascript is still an issue.
>> That was a Firefox bug that is already fixed.
>>
>>
>>> Cookies may not present a security issue, but a privacy one, and
> unless you're prepared to undergo a lot of effort allowing them on a
> per-site basis is a lot of work most people baulk at.
>> ownCloud is using only session cookies that are automatically removed
> when you close your browser and they are only send to ownCloud server. No
> privacy problem here.
>> Frank
>>
>>
>>> The more software on the internet works without cookies and without
> Javascript the safer the world is in general.
>>> Simon
>>>
>>> On Nov 25, 2012 12:11 PM, "Frank Karlitschek" <frank at owncloud.org>
> wrote:
>>>> Hi Mikko,
>>>>
>>>> thanks for thew bug report.
>>>> Unfortunately we don´t plan to support browsers without support for
> cookies and javascript at the moment.
>>>> This would restrict our possibilities in the web interface
> significantly and would lead to a second completely different interface.
>>>> (Session)-Cookies and javascript aren´t considered harmful or
> insecure nowadays. Most security people even think that having the session
> ID in the url is less secure than in a session cookie.
>>>> Why do you think this is a problem?
>>>>
>>>> The problem with ogg files is a known limitation at the moment. I
> hope someone improves this in the future.
>>>>
>>>> Frank
>>>>
>>>>
>>>>
>>>> On 25.11.2012, at 17:23, Mikko V. Viinamäki <
> Mikko.Viinamaki at students.turkuamk.fi> wrote:
>>>>> Hi!
>>>>>
>>>>> Since I don't have a github account... I noticed the web interface
> fails silently in case you don't allow cookies and same if you don't allow
> JavaScript. Also, this .ogg file was not added onto the music tab in the
> interface http://commons.wikimedia.org/wiki/File:BedBugs%26SaltyDog.ogg I
> wonder why?
>>>>> Besides that, owncloud's looking pretty slick!
>>>>>
>>>>> Mikko
>>>>> _______________________________________________
>>>>> Owncloud mailing list
>>>>> Owncloud at kde.org
>>>>> https://mail.kde.org/mailman/listinfo/owncloud
>>>> _______________________________________________
>>>> Owncloud mailing list
>>>> Owncloud at kde.org
>>>> https://mail.kde.org/mailman/listinfo/owncloud
>
>
> _______________________________________________
> Owncloud mailing list
> Owncloud at kde.org
> https://mail.kde.org/mailman/listinfo/owncloud
More information about the Owncloud
mailing list