[Javascript] Resizing images client-side

Troy III Ajnej trojani2000 at hotmail.com
Sat Jul 14 18:11:25 CDT 2007 

I used to like this this way of thinking, but past years is has become
a stereotype. Every jerk will come up and say just about that, don't
you think so? 
 
Some say:
> No, because it would be a major security issue. :-)
 
No,not at all!
 
There is nothing you can do with the contents of the image tag, except
display it (!your own image) on your own browser window, and after it gets
displayed and available (on your browser chache) you can retrieve the 
image size and other properties as with any other image, but nothing more!
 
What else could a malicious coder achieve with this?
 
--
For this solution, to become fully functional in practice, it is necesary 
to modify it in a proper way so the script would work in firefox also.
firefox will require a combined escaped version of the file address!
 
> When the image in question is *on the local machine* IE7 reports a> fileSize of -1; didn't try it with any older versions, though.
If I find time, I will look into this...
 
Regards and thank's for your feedback
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~                                        Troy III                            progressive art enterprise~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



> Date: Sat, 14 Jul 2007 13:03:20 -0700> From: hassan at webtuitive.com> To: javascript at LaTech.edu> Subject: Re: [Javascript] Resizing images client-side> > Troy III Ajnej wrote:> > > > Would love to see what you might make.> > > > Doesn't everybody, including myself, hope and expect my statement> > to be true to a certain extent?> > No, because it would be a major security issue. :-)> > > This will work on IE version browsers for sure> > Bzzzt! Nope, sorry.> > When the image in question is *on the local machine* IE7 reports a> fileSize of -1; didn't try it with any older versions, though.> > -- > Hassan Schroeder ----------------------------- hassan at webtuitive.com> Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com> > dream. code.> > _______________________________________________> Javascript mailing list> Javascript at LaTech.edu> https://lists.LaTech.edu/mailman/listinfo/javascript
_________________________________________________________________
Missed the show?  Watch videos of the Live Earth Concert on MSN.
http://liveearth.msn.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.evolt.org/pipermail/javascript/attachments/20070714/e08524c0/attachment.htm>

More information about the Javascript mailing list