On Mon, 25 Jul 2016 10:46:28 -0500 Bruno Wolff III <bruno@xxxxxxxx> wrote: > On Mon, Jul 25, 2016 at 10:30:57 -0400, > rkolathu <rkolathu@xxxxxxxxxx> wrote: > >Hi bruno > > > >Thanks for the great suggestion, having a button to do push requests > >from the testing branch to the stable one seems like a great idea > >and implementable as well. However I could not understand the part > >about not having to enable to javascript. If you could explain me > >more about this it will be great. Meanwhile opening an RFE in the > >github page https://github.com/fedora-infra/bodhi/issues would be > >great as well > > Turning on javascript significantly increases the risk on being > compromised through a browser. While I implicitly trust Fedora since > I am running Fedora code on my laptops, server and work desktop, > having to turn it on still poses some increase in that bodhi > specifically is compromised or that I forget to turn it off when > looking at some place else. Well, I guess it depends on how you manage those permissions? Shouldn't whatever you are using remember that you said it was ok for bodhi to use javascript? I'm not sure it's really practical for a complex application like bodhi to be all that functional without javascript. Especally when there is a command line that should be able to do all that you need also. kevin
Attachment:
pgpK0Td0WUEPc.pgp
Description: OpenPGP digital signature
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://lists.fedoraproject.org/admin/lists/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx