Re: W3C Specs: Web SQL

Excerpts from Charles Pritchard's message of sáb nov 06 23:20:13 -0300 2010:

> Simple async sql sub-set (the spec in trouble):
> http://dev.w3.org/html5/webdatabase/

This is insane.  This spec allows the server to run arbitrary SQL
commands on the client, AFAICT.  That seems like infinite joy for
malicious people running webservers.  The more powerful the dialect of
SQL the client implements, the more dangerous it is.

-- 
Álvaro Herrera <alvherre@commandprompt.com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support