[html5] r2999 - [e] (0) Warn about not trusting trusted sources in postMessage(). (credit: jw)

whatwg at whatwg.org
Sun Apr 26 23:16:43 PDT 2009


Author: ianh
Date: 2009-04-26 23:16:42 -0700 (Sun, 26 Apr 2009)
New Revision: 2999

Modified:
   index
   source
Log:
[e] (0) Warn about not trusting trusted sources in postMessage(). (credit: jw)

Modified: index
===================================================================
--- index	2009-04-27 04:11:15 UTC (rev 2998)
+++ index	2009-04-27 06:16:42 UTC (rev 2999)
@@ -51009,6 +51009,13 @@
   receive messages from. Otherwise, bugs in the author's message
   handling code could be exploited by hostile sites.</p>
 
+  <p>Furthermore, even after checking the <code title=dom-MessageEvent-origin><a href=#dom-messageevent-origin>origin</a></code> attribute, authors
+  should also check that the data in question is of the expected
+  format. Otherwise, if the source of the event has been attacked
+  using a cross-site scripting flaw, further unchecked processing of
+  information sent using the <code title=dom-window-postMessage-2><a href=#dom-window-postmessage-2>postMessage()</a></code> method could
+  result in the attack being propagated into the receiver.</p>
+
   <p>Authors should not use the wildcard keyword ("*") in the <var title="">targetOrigin</var> argument in messages that contain any
   confidential information, as otherwise there is no way to guarantee
   that the message is only delivered to the recipient to which it was
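Review bot: "of the expected format" in the added paragraph is too vague to act on; the reader is left to guess whether that means the data's type, its structure, or its contents. Since the stated threat is a compromised sender pushing attacker-controlled data through an otherwise trusted channel, say explicitly that the received data should be handled like any other untrusted input, for example "should also validate the data itself (its type, structure and values) before acting on it, exactly as they would for input from an untrusted origin". That also makes clear the check is needed even when the sender is the author's own site, which is the case the paragraph is really warning about.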

Modified: source
===================================================================
--- source	2009-04-27 04:11:15 UTC (rev 2998)
+++ source	2009-04-27 06:16:42 UTC (rev 2999)
@@ -62930,6 +62930,15 @@
   receive messages from. Otherwise, bugs in the author's message
   handling code could be exploited by hostile sites.</p>
 
+  <p>Furthermore, even after checking the <code
+  title="dom-MessageEvent-origin">origin</code> attribute, authors
+  should also check that the data in question is of the expected
+  format. Otherwise, if the source of the event has been attacked
+  using a cross-site scripting flaw, further unchecked processing of
+  information sent using the <code
+  title="dom-window-postMessage-2">postMessage()</code> method could
+  result in the attack being propagated into the receiver.</p>
+
   <p>Authors should not use the wildcard keyword ("*") in the <var
   title="">targetOrigin</var> argument in messages that contain any
   confidential information, as otherwise there is no way to guarantee
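Review bot: the new paragraph names only a cross-site scripting flaw as the way the sender can be turned against the receiver, but any compromise of the sending page (not just XSS) has the same effect on the data arriving through postMessage(), so "if the source of the event has been attacked using a cross-site scripting flaw" reads narrower than the advice warrants; consider "if the source of the event has been compromised (for example through a cross-site scripting flaw)". The same sentence appears in both the index and source hunks, so the wording should be changed in both places together.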
