[whatwg] The problem of duplicate ID as a security issue
Alexey Feldgendler
alexey at feldgendler.ru
Tue Mar 14 21:55:34 PST 2006
On Wed, 15 Mar 2006 02:42:27 +0600, Mihai Sucan <mihai.sucan at gmail.com>
wrote:
> I've made a short "investigation" regarding how browsers behave with
> document.getElementById('a-duplicate-ID').
>
> The page:
> http://www.robodesign.ro/_gunoaie/duplicate-ids.html
>
> Take a close look into the source (I've provided comments) to understand
> what the "Click me" tests and what it shows. You'll see major browsers
> I've tested behave the same: like with a queue, the last node that sets
> the duplicate ID is also the node that's returned when you use
> getElementById function.
Unfortunately we can't change it in a backwards-compatible way (though we
probably can define a stricter behavior for <!DOCTYPE html> only).
Seems like sandboxes as security barriers are the only solution to the
duplicate ID problem as a security thread -- at least the only one I can
think of.
-- Opera M2 9.0 TP2 on Debian Linux 2.6.12-1-k7
* Origin: X-Man's Station at SW-Soft, Inc. [ICQ: 115226275]
<alexey at feldgendler.ru>
More information about the whatwg
mailing list