The only
way to obtain device upload does not even involve the INPUT tag
(on Windows' MSIE, the OBJECT tag is used with an insecure
"ActiveX" binary; on Netscape Navigator under Windows, the EMBED
tag is used with a similarly insecure arrangement where the user
must "Grant All" system privleges to the EMBEDed binary code.)
Yes, well, one could probably use OBJECT/EMBED to make pigs fly if one
were so inclined and prepared to waive the relevant security precautions.
Such implementations are interesting in that they demonstrate the
availability of the technology, but the applicability of their syntax to a
general purpose mechanism for a specific need is low to nil. This
situation is by no means unique to device upload, nor is it a particularly
surprising outcome.
This complex state of affairs need not be so.
If the W3C would just take a stand, and tell the browser vendors
that in order to be compliant with the W3C Recommendations, if
device upload is implemented then it should be available in a
certain way, then they would probably conform to stay compliant.
The W3C has defined conformance terms for HTML 4, CSS1, CSS2... And how
many browsers conform to date? I'm a little bit skeptical that having the
W3C stomp its feet would do a bit of good.