[whatwg] Dealing with UI redress vulnerabilities inherent to the current web

Robert O'Callahan robert at ocallahan.org
Sat Sep 27 03:51:29 PDT 2008


On Sat, Sep 27, 2008 at 9:43 PM, Michal Zalewski <lcamtuf at dione.cc> wrote:

> Your whack-a-mole analogy is of course true, but it applies so much more to
> many ongoing browser security efforts, most notably including implementing
> robust cross-domain DOM access security checks; hardly a simple and
> well-defined component by itself, and proved to be extremely complex to
> implement right in practice, too. Pretty much *any* effort to patch the
> existing design is bound to be in practice kludgy, regardless of how much
> text is needed to outline implementation goals.
>

Note that if we had option 1 (or in general a way for sites to say "do not
allow my resources (scripts, images, pages in IFRAMES) to be loaded
cross-origin, except as I explicitly permit via Access Controls"), that
would also protect such sites from holes associated with inadequate
cross-domain DOM security checks.

Default permission of cross-domain loads is responsible for *a lot* of
problems. Allowing sites to escape that would address a lot of problems,
even if it is opt-in. Eventually we could hope to reach a state where all
browsers support it, and most sites request it --- a much saner Web IMHO.

Rob
-- 
"He was pierced for our transgressions, he was crushed for our iniquities;
the punishment that brought us peace was upon him, and by his wounds we are
healed. We all, like sheep, have gone astray, each of us has turned to his
own way; and the LORD has laid on him the iniquity of us all." [Isaiah
53:5-6]