Security for launching from URL

Eben Eliason eben.eliason at
Mon Jul 7 13:18:36 EDT 2008

On Mon, Jul 7, 2008 at 1:08 PM, Benjamin M. Schwartz
<bmschwar at> wrote:
> Hash: SHA1
> Eben Eliason wrote:
> | I really don't see anything wrong with injecting a modal alert,
> | displayed by Sugar, into this process if we must.  Clicking on an mp3
> | in Browse would reveal this alert, and ask for confirmation that the
> | user wishes to open it.  It would, of course, offer a list of
> | activities which support its mime-type (assuming there are more than
> | one).  It could potentially include a way to set the default handler
> | as well, such that the next time it is revealed for the same mime-type
> | a different default is chosen.
> I appear to be on a different wavelength from everyone else here.  As far
> as I can tell, what you have just described is _precisely_ the Details
> view in the Journal.  In fact, Browse already does exactly this; it
> downloads the MP3 file into the Datastore and directs the user to the
> Details page, which presents the user with a list of all Activities that
> have registered this MIME-type.

No, what I've described is precisely /not/ the details view.  I
specifically want the dialog to appear in context, so that the gap
between the activity which initiates the launch and the launched
activity is smaller.  Dropping the user into the Journal for this is
not an optimal experience, to me; I want a less jarring way to bridge
the gap.

> The current pathways could use some refinement, but this system is already
> in place.  There is no need to imagine new Bitfrost extensions or design
> some new launching GUI.

The "new GUI" is simply an alert, which makes the "second click" (or
better yet, just a press of the enter key) immediate and obvious, and
within the context of the launching activity.  I'm not talking about
anything that fancy.

- Eben

More information about the Devel mailing list