[html5] r6743 - [e] (0) Mention some DOS risks with window.postMessage(). Fixing http://www.w3.o [...]

whatwg at whatwg.org whatwg at whatwg.org
Mon Oct 24 16:57:19 PDT 2011 

Author: ianh
Date: 2011-10-24 16:57:18 -0700 (Mon, 24 Oct 2011)
New Revision: 6743

Modified:
   complete.html
   index
   source
Log:
[e] (0) Mention some DOS risks with window.postMessage().
Fixing http://www.w3.org/Bugs/Public/show_bug.cgi?id=14329

Modified: complete.html
===================================================================
--- complete.html	2011-10-24 23:48:07 UTC (rev 6742)
+++ complete.html	2011-10-24 23:57:18 UTC (rev 6743)
@@ -240,7 +240,7 @@
 
   <header class=head id=head><p><a class=logo href=http://www.whatwg.org/><img alt=WHATWG height=101 src=/images/logo width=101></a></p>
    <hgroup><h1 class=allcaps>HTML</h1>
-    <h2 class="no-num no-toc">Living Standard — Last Updated 24 October 2011</h2>
+    <h2 class="no-num no-toc">Living Standard — Last Updated 25 October 2011</h2>
    </hgroup><dl><dt><strong>Web developer edition:</strong></dt>
     <dd><strong><a href=http://developers.whatwg.org/>http://developers.whatwg.org/</a></strong></dd>
     <dt>Multiple-page version:</dt>
@@ -81555,7 +81555,16 @@
   that the message is only delivered to the recipient to which it was
   intended.</p>
 
+  <hr><p>Authors who accept messages from any origin are encouraged to
+  consider the risks of a denial-of-service attack. An attacker could
+  send a high volume of messages; if the receiving page performs
+  expensive computation or causes network traffic to be sent for each
+  such message, the attacker's message could be multplied into a
+  denial-of-service attack. Authors are encouraged to employ rate
+  limiting (only accepting a certain number of messages per minute) to
+  make such attacks impractical.</p>
 
+
   <div class=impl>
 
   <h5 id=user-agents><span class=secno>11.4.2.2 </span>User agents</h5>
@@ -81571,6 +81580,10 @@
   disallowed for security reasons. It also requires that UAs be
   careful to allow access to certain properties but not others.</p>
 
+  <hr><p>User agents are also encouraged to consider rate-limiting message
+  traffic between different <a href=#origin title=origin>origins</a>, to
+  protect naïve sites from denial-of-service attacks.</p>
+
   </div>
 
 
@@ -81760,6 +81773,7 @@
 
 
 
+
   <h3 id=channel-messaging><span class=secno>11.5 </span><dfn>Channel messaging</dfn></h3>
 
   <h4 id=introduction-15><span class=secno>11.5.1 </span>Introduction</h4>

Modified: index
===================================================================
--- index	2011-10-24 23:48:07 UTC (rev 6742)
+++ index	2011-10-24 23:57:18 UTC (rev 6743)
@@ -240,7 +240,7 @@
 
   <header class=head id=head><p><a class=logo href=http://www.whatwg.org/><img alt=WHATWG height=101 src=/images/logo width=101></a></p>
    <hgroup><h1 class=allcaps>HTML</h1>
-    <h2 class="no-num no-toc">Living Standard — Last Updated 24 October 2011</h2>
+    <h2 class="no-num no-toc">Living Standard — Last Updated 25 October 2011</h2>
    </hgroup><dl><dt><strong>Web developer edition:</strong></dt>
     <dd><strong><a href=http://developers.whatwg.org/>http://developers.whatwg.org/</a></strong></dd>
     <dt>Multiple-page version:</dt>
@@ -81555,7 +81555,16 @@
   that the message is only delivered to the recipient to which it was
   intended.</p>
 
+  <hr><p>Authors who accept messages from any origin are encouraged to
+  consider the risks of a denial-of-service attack. An attacker could
+  send a high volume of messages; if the receiving page performs
+  expensive computation or causes network traffic to be sent for each
+  such message, the attacker's message could be multplied into a
+  denial-of-service attack. Authors are encouraged to employ rate
+  limiting (only accepting a certain number of messages per minute) to
+  make such attacks impractical.</p>
 
+
   <div class=impl>
 
   <h5 id=user-agents><span class=secno>11.4.2.2 </span>User agents</h5>
@@ -81571,6 +81580,10 @@
   disallowed for security reasons. It also requires that UAs be
   careful to allow access to certain properties but not others.</p>
 
+  <hr><p>User agents are also encouraged to consider rate-limiting message
+  traffic between different <a href=#origin title=origin>origins</a>, to
+  protect naïve sites from denial-of-service attacks.</p>
+
   </div>
 
 
@@ -81760,6 +81773,7 @@
 
 
 
+
   <h3 id=channel-messaging><span class=secno>11.5 </span><dfn>Channel messaging</dfn></h3>
 
   <h4 id=introduction-15><span class=secno>11.5.1 </span>Introduction</h4>

Modified: source
===================================================================
--- source	2011-10-24 23:48:07 UTC (rev 6742)
+++ source	2011-10-24 23:57:18 UTC (rev 6743)
@@ -92390,7 +92390,18 @@
   that the message is only delivered to the recipient to which it was
   intended.</p>
 
+  <hr>
 
+  <p>Authors who accept messages from any origin are encouraged to
+  consider the risks of a denial-of-service attack. An attacker could
+  send a high volume of messages; if the receiving page performs
+  expensive computation or causes network traffic to be sent for each
+  such message, the attacker's message could be multplied into a
+  denial-of-service attack. Authors are encouraged to employ rate
+  limiting (only accepting a certain number of messages per minute) to
+  make such attacks impractical.</p>
+
+
   <div class="impl">
 
   <h5>User agents</h5>
@@ -92407,6 +92418,12 @@
   disallowed for security reasons. It also requires that UAs be
   careful to allow access to certain properties but not others.</p>
 
+  <hr>
+
+  <p>User agents are also encouraged to consider rate-limiting message
+  traffic between different <span title="origin">origins</span>, to
+  protect naïve sites from denial-of-service attacks.</p>
+
   </div>
 
 
@@ -92635,6 +92652,7 @@
 
 
 
+
   <h3><dfn>Channel messaging</dfn></h3>
 
   <h4>Introduction</h4>

More information about the Commit-Watchers mailing list