[html5] r4615 - [e] (0) Warn readers about sandboxing not being a panacea.

whatwg at whatwg.org whatwg at whatwg.org
Tue Jan 19 16:46:18 PST 2010


Author: ianh
Date: 2010-01-19 16:46:16 -0800 (Tue, 19 Jan 2010)
New Revision: 4615

Modified:
   complete.html
   index
   source
Log:
[e] (0) Warn readers about sandboxing not being a panacea.

Modified: complete.html
===================================================================
--- complete.html	2010-01-19 10:31:40 UTC (rev 4614)
+++ complete.html	2010-01-20 00:46:16 UTC (rev 4615)
@@ -110,7 +110,7 @@
 
   <header class=head id=head><p><a class=logo href=http://www.whatwg.org/ rel=home><img alt=WHATWG src=/images/logo></a></p>
    <hgroup><h1>Web Applications 1.0</h1>
-    <h2 class="no-num no-toc">Draft Standard — 19 January 2010</h2>
+    <h2 class="no-num no-toc">Draft Standard — 20 January 2010</h2>
    </hgroup><p>You can take part in this work. <a href=http://www.whatwg.org/mailing-list>Join the working group's discussion list.</a></p>
    <p><strong>Web designers!</strong> We have a <a href=http://blog.whatwg.org/faq/>FAQ</a>, a <a href=http://forums.whatwg.org/>forum</a>, and a <a href=http://www.whatwg.org/mailing-list#help>help mailing list</a> for you!</p>
    <!--<p class="impl"><strong>Implementors!</strong> We have a <a href="http://www.whatwg.org/mailing-list#implementors">mailing list</a> for you too!</p>-->
@@ -19677,6 +19677,12 @@
   origin</a> as the page containing the <code><a href=#the-iframe-element>iframe</a></code> allows
   the embedded page to simply remove the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute.</p>
 
+  <p class=warning>Sandboxing hostile content is of minimal help if
+  an attacker can convince the user to just visit the hostile content
+  directly, rather than in the <code><a href=#the-iframe-element>iframe</a></code>. To limit the
+  damage that can be caused by hostile HTML content, it should be
+  served using the <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code> MIME type.</p>
+
   <div class=impl>
 
   <!-- v2: Add a new attribute that enables new restrictions, e.g.:
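
Review bot: the link added in the last line of the warning, href=#text/html-sandboxed, points at a fragment whose target is not visible in this hunk. Confirm that the generated complete.html contains an element with that id; otherwise the cross-reference in the warning is dead, and a reader following it would not reach the definition of the MIME type the warning depends on.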

Modified: index
===================================================================
--- index	2010-01-19 10:31:40 UTC (rev 4614)
+++ index	2010-01-20 00:46:16 UTC (rev 4615)
@@ -112,7 +112,7 @@
 
   <header class=head id=head><p><a class=logo href=http://www.whatwg.org/ rel=home><img alt=WHATWG src=/images/logo></a></p>
    <hgroup><h1>HTML5 (including next generation additions still in development)</h1>
-    <h2 class="no-num no-toc">Draft Standard — 19 January 2010</h2>
+    <h2 class="no-num no-toc">Draft Standard — 20 January 2010</h2>
    </hgroup><p>You can take part in this work. <a href=http://www.whatwg.org/mailing-list>Join the working group's discussion list.</a></p>
    <p><strong>Web designers!</strong> We have a <a href=http://blog.whatwg.org/faq/>FAQ</a>, a <a href=http://forums.whatwg.org/>forum</a>, and a <a href=http://www.whatwg.org/mailing-list#help>help mailing list</a> for you!</p>
    <!--<p class="impl"><strong>Implementors!</strong> We have a <a href="http://www.whatwg.org/mailing-list#implementors">mailing list</a> for you too!</p>-->
@@ -19577,6 +19577,12 @@
   origin</a> as the page containing the <code><a href=#the-iframe-element>iframe</a></code> allows
   the embedded page to simply remove the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute.</p>
 
+  <p class=warning>Sandboxing hostile content is of minimal help if
+  an attacker can convince the user to just visit the hostile content
+  directly, rather than in the <code><a href=#the-iframe-element>iframe</a></code>. To limit the
+  damage that can be caused by hostile HTML content, it should be
+  served using the <code><a href=#text/html-sandboxed>text/html-sandboxed</a></code> MIME type.</p>
+
   <div class=impl>
 
   <!-- v2: Add a new attribute that enables new restrictions, e.g.:
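
Review bot: in the second sentence of the added warning, "it should be served using the text/html-sandboxed MIME type" leaves the reader to work out that "it" means the hostile HTML content rather than the damage. The sentence also does not say whether the MIME type is meant to be used together with the sandbox attribute or instead of it. Suggest naming the subject ("such content should be served ...") and stating how the two measures relate, since the first sentence has just said the attribute alone is of minimal help when the user visits the content directly.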

Modified: source
===================================================================
--- source	2010-01-19 10:31:40 UTC (rev 4614)
+++ source	2010-01-20 00:46:16 UTC (rev 4615)
@@ -20930,6 +20930,12 @@
   the embedded page to simply remove the <code
   title="attr-iframe-sandbox">sandbox</code> attribute.</p>
 
+  <p class="warning">Sandboxing hostile content is of minimal help if
+  an attacker can convince the user to just visit the hostile content
+  directly, rather than in the <code>iframe</code>. To limit the
+  damage that can be caused by hostile HTML content, it should be
+  served using the <code>text/html-sandboxed</code> MIME type.</p>
+
   <div class="impl">
 
   <!-- v2: Add a new attribute that enables new restrictions, e.g.:
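
Review bot: the lowercase "should" in the added <p class="warning"> leaves it unclear whether serving hostile HTML as text/html-sandboxed is an authoring requirement or only a recommendation. If it is meant as a requirement, state it in normative text and keep the warning as the rationale. If it is advice, wording such as "authors are encouraged to serve it using ..." removes the ambiguity.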



