Hacker News new | ask | show | jobs
by lectrick 3883 days ago
Why wouldn't (or shouldn't) one be able to make it run standalone?
2 comments
shitloadofbooks 3883 days ago
It's to do with the browser security model and JavaScript restrictions on file:// paths.

I'm not entirely sure of the class of attack that it prevents, but it's been that way for quite a while now.

link
scott_karana 3883 days ago
For a while, browsers allowed unfettered Javascript access to local files, so malware sites would just get users to save the site, and run it.

Tada, access to local files, or unlimited XHR requests for DDoSing, etc. :-)

link
Fastidious 3883 days ago
I think it relates to the JavaScript used, and limitations imposed by the web browser.
link