[html5] r4407 - [giow] (0) Prevent seamless='' from being used in iframes embedded in sandboxed [...]
whatwg at whatwg.org
whatwg at whatwg.org
Sat Dec 5 23:11:29 PST 2009
Author: ianh
Date: 2009-12-05 23:11:26 -0800 (Sat, 05 Dec 2009)
New Revision: 4407
Modified:
complete.html
index
source
Log:
[giow] (0) Prevent seamless='' from being used in iframes embedded in sandboxed iframes.
Modified: complete.html
===================================================================
--- complete.html 2009-12-06 07:01:04 UTC (rev 4406)
+++ complete.html 2009-12-06 07:11:26 UTC (rev 4407)
@@ -110,7 +110,7 @@
<header class=head><p><a class=logo href=http://www.whatwg.org/ rel=home><img alt=WHATWG src=/images/logo></a></p>
<hgroup><h1>Web Applications 1.0</h1>
- <h2 class="no-num no-toc">Draft Standard — 4 December 2009</h2>
+ <h2 class="no-num no-toc">Draft Standard — 6 December 2009</h2>
</hgroup><p>You can take part in this work. <a href=http://www.whatwg.org/mailing-list>Join the working group's discussion list.</a></p>
<p><strong>Web designers!</strong> We have a <a href=http://blog.whatwg.org/faq/>FAQ</a>, a <a href=http://forums.whatwg.org/>forum</a>, and a <a href=http://www.whatwg.org/mailing-list#help>help mailing list</a> for you!</p>
<!--<p class="impl"><strong>Implementors!</strong> We have a <a href="http://www.whatwg.org/mailing-list#implementors">mailing list</a> for you too!</p>-->
@@ -20404,6 +20404,23 @@
</dd>
+ <dt>The <dfn id=sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</dfn></dt>
+
+ <dd>
+
+ <p>This flag prevents content from using the <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code> attribute on
+ descendant <code><a href=#the-iframe-element>iframe</a></code> elements.</p>
+
+ <p class=note>This prevents a page inserted using the <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>
+ keyword from using a CSS-selector-based method of probing the DOM
+ of other pages on the same site (in particular, pages that contain
+ user-sensitive information).</p>
+
+ <!-- http://lists.w3.org/Archives/Public/public-web-security/2009Dec/thread.html#msg51 -->
+
+ </dd>
+
+
<dt>The <dfn id=sandboxed-origin-browsing-context-flag>sandboxed origin browsing context flag</dfn>, unless
the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute's
value, when <a href=#split-a-string-on-spaces title="split a string on spaces">split on
@@ -20526,13 +20543,16 @@
context</a> is to be rendered in a manner that makes it appear to
be part of the containing document (seamlessly included in the
parent document). <span class=impl>Specifically, when the
- attribute is set on an element and while the <a href=#browsing-context>browsing
- context</a>'s <a href=#active-document>active document</a> has the <a href=#same-origin>same
- origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's document, or the
- <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active document</a>'s
- <em><a href="#the-document's-address" title="the document's address">address</a></em> has the
- <a href=#same-origin>same origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's
- document, the following requirements apply:</span></p>
+ attribute is set on an <code><a href=#the-iframe-element>iframe</a></code> element whose owner
+ <code>Document</code>'s <a href=#browsing-context>browsing context</a> does not have
+ the <a href=#sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</a> set and while
+ either the <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
+ document</a> has the <a href=#same-origin>same origin</a> as the
+ <code><a href=#the-iframe-element>iframe</a></code> element's document, or the <a href=#browsing-context>browsing
+ context</a>'s <a href=#active-document>active document</a>'s <em><a href="#the-document's-address" title="the
+ document's address">address</a></em> has the <a href=#same-origin>same
+ origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's document, the
+ following requirements apply:</span></p>
<div class=impl>
@@ -86512,6 +86532,7 @@
Drew Wilson,
Edmund Lai,
Eduard Pascual,
+ Eduardo Vela,
Edward O'Connor,
Edward Welbourne,
Edward Z. Yang,
Modified: index
===================================================================
--- index 2009-12-06 07:01:04 UTC (rev 4406)
+++ index 2009-12-06 07:11:26 UTC (rev 4407)
@@ -20242,6 +20242,23 @@
</dd>
+ <dt>The <dfn id=sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</dfn></dt>
+
+ <dd>
+
+ <p>This flag prevents content from using the <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code> attribute on
+ descendant <code><a href=#the-iframe-element>iframe</a></code> elements.</p>
+
+ <p class=note>This prevents a page inserted using the <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>
+ keyword from using a CSS-selector-based method of probing the DOM
+ of other pages on the same site (in particular, pages that contain
+ user-sensitive information).</p>
+
+ <!-- http://lists.w3.org/Archives/Public/public-web-security/2009Dec/thread.html#msg51 -->
+
+ </dd>
+
+
<dt>The <dfn id=sandboxed-origin-browsing-context-flag>sandboxed origin browsing context flag</dfn>, unless
the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute's
value, when <a href=#split-a-string-on-spaces title="split a string on spaces">split on
@@ -20364,13 +20381,16 @@
context</a> is to be rendered in a manner that makes it appear to
be part of the containing document (seamlessly included in the
parent document). <span class=impl>Specifically, when the
- attribute is set on an element and while the <a href=#browsing-context>browsing
- context</a>'s <a href=#active-document>active document</a> has the <a href=#same-origin>same
- origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's document, or the
- <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active document</a>'s
- <em><a href="#the-document's-address" title="the document's address">address</a></em> has the
- <a href=#same-origin>same origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's
- document, the following requirements apply:</span></p>
+ attribute is set on an <code><a href=#the-iframe-element>iframe</a></code> element whose owner
+ <code>Document</code>'s <a href=#browsing-context>browsing context</a> does not have
+ the <a href=#sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</a> set and while
+ either the <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
+ document</a> has the <a href=#same-origin>same origin</a> as the
+ <code><a href=#the-iframe-element>iframe</a></code> element's document, or the <a href=#browsing-context>browsing
+ context</a>'s <a href=#active-document>active document</a>'s <em><a href="#the-document's-address" title="the
+ document's address">address</a></em> has the <a href=#same-origin>same
+ origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's document, the
+ following requirements apply:</span></p>
<div class=impl>
@@ -78294,6 +78314,7 @@
Drew Wilson,
Edmund Lai,
Eduard Pascual,
+ Eduardo Vela,
Edward O'Connor,
Edward Welbourne,
Edward Z. Yang,
Modified: source
===================================================================
--- source 2009-12-06 07:01:04 UTC (rev 4406)
+++ source 2009-12-06 07:11:26 UTC (rev 4407)
@@ -21688,6 +21688,25 @@
</dd>
+ <dt>The <dfn>sandboxed seamless iframes flag</dfn></dt>
+
+ <dd>
+
+ <p>This flag prevents content from using the <code
+ title="attr-iframe-seamless">seamless</code> attribute on
+ descendant <code>iframe</code> elements.</p>
+
+ <p class="note">This prevents a page inserted using the <code
+ title="attr-iframe-sandbox-allow-same-origin">allow-same-origin</code>
+ keyword from using a CSS-selector-based method of probing the DOM
+ of other pages on the same site (in particular, pages that contain
+ user-sensitive information).</p>
+
+ <!-- http://lists.w3.org/Archives/Public/public-web-security/2009Dec/thread.html#msg51 -->
+
+ </dd>
+
+
<dt>The <dfn>sandboxed origin browsing context flag</dfn>, unless
the <code title="attr-iframe-sandbox">sandbox</code> attribute's
value, when <span title="split a string on spaces">split on
@@ -21826,13 +21845,16 @@
context</span> is to be rendered in a manner that makes it appear to
be part of the containing document (seamlessly included in the
parent document). <span class="impl">Specifically, when the
- attribute is set on an element and while the <span>browsing
- context</span>'s <span>active document</span> has the <span>same
- origin</span> as the <code>iframe</code> element's document, or the
- <span>browsing context</span>'s <span>active document</span>'s
- <em><span title="the document's address">address</span></em> has the
- <span>same origin</span> as the <code>iframe</code> element's
- document, the following requirements apply:</span></p>
+ attribute is set on an <code>iframe</code> element whose owner
+ <code>Document</code>'s <span>browsing context</span> does not have
+ the <span>sandboxed seamless iframes flag</span> set and while
+ either the <span>browsing context</span>'s <span>active
+ document</span> has the <span>same origin</span> as the
+ <code>iframe</code> element's document, or the <span>browsing
+ context</span>'s <span>active document</span>'s <em><span title="the
+ document's address">address</span></em> has the <span>same
+ origin</span> as the <code>iframe</code> element's document, the
+ following requirements apply:</span></p>
<div class="impl">
@@ -96776,6 +96798,7 @@
Drew Wilson,
Edmund Lai,
Eduard Pascual,
+ Eduardo Vela,
Edward O'Connor,
Edward Welbourne,
Edward Z. Yang,
More information about the Commit-Watchers
mailing list