[html5] r7527 - [giow] (1) Take into account some more security concerns Fixing https://www.w3.o [...]
whatwg at whatwg.org
Thu Nov 22 16:04:07 PST 2012
Author: ianh
Date: 2012-11-22 16:04:06 -0800 (Thu, 22 Nov 2012)
New Revision: 7527
Modified:
complete.html
index
source
Log:
[giow] (1) Take into account some more security concerns
Fixing https://www.w3.org/Bugs/Public/show_bug.cgi?id=18806
Affected topics: DOM APIs, HTML, Security
Modified: complete.html
===================================================================
--- complete.html 2012-11-22 22:46:44 UTC (rev 7526)
+++ complete.html 2012-11-23 00:04:06 UTC (rev 7527)
@@ -248,7 +248,7 @@
<header class=head id=head><p><a class=logo href=http://www.whatwg.org/><img alt=WHATWG height=101 src=/images/logo width=101></a></p>
<hgroup><h1 class=allcaps>HTML</h1>
- <h2 class="no-num no-toc">Living Standard — Last Updated 22 November 2012</h2>
+ <h2 class="no-num no-toc">Living Standard — Last Updated 23 November 2012</h2>
</hgroup><dl><dt><strong>Web developer edition:</strong></dt>
<dd><strong><a href=http://developers.whatwg.org/>http://developers.whatwg.org/</a></strong></dd>
<dt>Multiple-page version:</dt>
@@ -77636,7 +77636,8 @@
<p>If the <code title=dom-navigator-registerProtocolHandler><a href=#dom-navigator-registerprotocolhandler>registerProtocolHandler()</a></code>
method is invoked with a scheme that is neither a <a href=#whitelisted-scheme>whitelisted scheme</a> nor a scheme
whose value starts with the substring "<code title="">web+</code>" and otherwise contains only
- <span>lowercase ASCII characters</span>, the user agent must throw a <code><a href=#securityerror>SecurityError</a></code>
+ <a href=#lowercase-ascii-letters>lowercase ASCII letters</a>, and whose length is at least five characters (including
+ the "<code title="">web+</code>" prefix), the user agent must throw a <code><a href=#securityerror>SecurityError</a></code>
exception.</p>
<p>The following schemes are the <dfn id=whitelisted-scheme title="whitelisted
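Review bot: The clause added in the two "+" lines makes the condition hard to parse. "neither a whitelisted scheme nor a scheme whose value starts with ... and otherwise contains only lowercase ASCII letters, and whose length is at least five characters" hangs three conjoined requirements off a single "nor", so it is easy to misread which values must throw SecurityError. Consider stating the acceptable forms positively (the scheme is a whitelisted scheme, or it starts with "web+", the remainder is only lowercase ASCII letters, and the whole value is at least five characters long) and then saying that any other value must throw.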
@@ -78102,6 +78103,17 @@
require the user to know whether to trust the third-party handler, a
decision many users are unable to make or even understand).</p>
+ <p><strong>Interface interference.</strong> User agents should be prepared to handle intentionally
+ long arguments to the methods. For example, if the user interface exposed consists of an "accept"
+ button and a "deny" button, with the "accept" binding containing the name of the handler, it's
+ important that a long name not cause the "deny" button to be pushed off the screen.</p>
+
+ <p><strong>Fingerprinting users.</strong> Since a site can detect if it has attempted to register
+ a particular handler or not, whether or not the user responds, the mechanism can be used to store
+ data. User agents are therefore strongly urged to treat registrations in the same manner as
+ cookies: clearing cookies for a site should also clear all registrations for that site, and
+ disabling cookies for a site should also disable registrations.</p>
+
</div>
<!--REMOVE-TOPIC:Security-->
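Review bot: In the "Interface interference" paragraph, the phrase 'with the "accept" binding containing the name of the handler' reads oddly; "button" or "label" seems to be what is meant. The paragraph also refers to "the methods" without naming them and offers only the one example, so a sentence on what a user agent is expected to do with over-long arguments (truncating or eliding them in the prompt, for instance) would make the advice actionable.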
@@ -106848,6 +106860,7 @@
Chris Evans,
Chris Morris,
Chris Pearce,
+ Chris Weber,
Christian Biesinger,
Christian Johansen,
Christian Schmidt,
Modified: index
===================================================================
--- index 2012-11-22 22:46:44 UTC (rev 7526)
+++ index 2012-11-23 00:04:06 UTC (rev 7527)
@@ -248,7 +248,7 @@
<header class=head id=head><p><a class=logo href=http://www.whatwg.org/><img alt=WHATWG height=101 src=/images/logo width=101></a></p>
<hgroup><h1 class=allcaps>HTML</h1>
- <h2 class="no-num no-toc">Living Standard — Last Updated 22 November 2012</h2>
+ <h2 class="no-num no-toc">Living Standard — Last Updated 23 November 2012</h2>
</hgroup><dl><dt><strong>Web developer edition:</strong></dt>
<dd><strong><a href=http://developers.whatwg.org/>http://developers.whatwg.org/</a></strong></dd>
<dt>Multiple-page version:</dt>
@@ -77636,7 +77636,8 @@
<p>If the <code title=dom-navigator-registerProtocolHandler><a href=#dom-navigator-registerprotocolhandler>registerProtocolHandler()</a></code>
method is invoked with a scheme that is neither a <a href=#whitelisted-scheme>whitelisted scheme</a> nor a scheme
whose value starts with the substring "<code title="">web+</code>" and otherwise contains only
- <span>lowercase ASCII characters</span>, the user agent must throw a <code><a href=#securityerror>SecurityError</a></code>
+ <a href=#lowercase-ascii-letters>lowercase ASCII letters</a>, and whose length is at least five characters (including
+ the "<code title="">web+</code>" prefix), the user agent must throw a <code><a href=#securityerror>SecurityError</a></code>
exception.</p>
<p>The following schemes are the <dfn id=whitelisted-scheme title="whitelisted
@@ -78102,6 +78103,17 @@
require the user to know whether to trust the third-party handler, a
decision many users are unable to make or even understand).</p>
+ <p><strong>Interface interference.</strong> User agents should be prepared to handle intentionally
+ long arguments to the methods. For example, if the user interface exposed consists of an "accept"
+ button and a "deny" button, with the "accept" binding containing the name of the handler, it's
+ important that a long name not cause the "deny" button to be pushed off the screen.</p>
+
+ <p><strong>Fingerprinting users.</strong> Since a site can detect if it has attempted to register
+ a particular handler or not, whether or not the user responds, the mechanism can be used to store
+ data. User agents are therefore strongly urged to treat registrations in the same manner as
+ cookies: clearing cookies for a site should also clear all registrations for that site, and
+ disabling cookies for a site should also disable registrations.</p>
+
</div>
<!--REMOVE-TOPIC:Security-->
@@ -106848,6 +106860,7 @@
Chris Evans,
Chris Morris,
Chris Pearce,
+ Chris Weber,
Christian Biesinger,
Christian Johansen,
Christian Schmidt,
Modified: source
===================================================================
--- source 2012-11-22 22:46:44 UTC (rev 7526)
+++ source 2012-11-23 00:04:06 UTC (rev 7527)
@@ -91033,7 +91033,8 @@
<p>If the <code title="dom-navigator-registerProtocolHandler">registerProtocolHandler()</code>
method is invoked with a scheme that is neither a <span>whitelisted scheme</span> nor a scheme
whose value starts with the substring "<code title="">web+</code>" and otherwise contains only
- <span>lowercase ASCII characters</span>, the user agent must throw a <code>SecurityError</code>
+ <span>lowercase ASCII letters</span>, and whose length is at least five characters (including
+ the "<code title="">web+</code>" prefix), the user agent must throw a <code>SecurityError</code>
exception.</p>
<p>The following schemes are the <dfn title="whitelisted
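Review bot: The length rule in the "+" lines, 'at least five characters (including the "web+" prefix)', is an indirect way of requiring something after the prefix, since "web+" is itself four characters. Saying that the prefix must be followed by one or more lowercase ASCII letters would express the same constraint without making the reader count, and would keep the length and character-set requirements in one place.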
@@ -91562,6 +91563,17 @@
require the user to know whether to trust the third-party handler, a
decision many users are unable to make or even understand).</p>
+ <p><strong>Interface interference.</strong> User agents should be prepared to handle intentionally
+ long arguments to the methods. For example, if the user interface exposed consists of an "accept"
+ button and a "deny" button, with the "accept" binding containing the name of the handler, it's
+ important that a long name not cause the "deny" button to be pushed off the screen.</p>
+
+ <p><strong>Fingerprinting users.</strong> Since a site can detect if it has attempted to register
+ a particular handler or not, whether or not the user responds, the mechanism can be used to store
+ data. User agents are therefore strongly urged to treat registrations in the same manner as
+ cookies: clearing cookies for a site should also clear all registrations for that site, and
+ disabling cookies for a site should also disable registrations.</p>
+
</div>
<!--REMOVE-TOPIC:Security-->
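Review bot: The "Fingerprinting users" heading does not match the body of the paragraph, which describes using registrations to store data and recommends treating them like cookies; that is a storage or tracking concern rather than fingerprinting, and the heading should say so. The first sentence is also hard to follow: "a site can detect if it has attempted to register a particular handler or not, whether or not the user responds" does not say how the site detects this, and a pointer to the relevant method would help.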
@@ -125390,6 +125402,7 @@
Chris Evans,
Chris Morris,
Chris Pearce,
+ Chris Weber,
Christian Biesinger,
Christian Johansen,
Christian Schmidt,