[whatwg] Dealing with UI redress vulnerabilities inherent to the current web
elharo at metalab.unc.edu
Tue Sep 30 07:55:17 PDT 2008
>> That's a sometimes convenient feature for site developers, but
>> there's nothing you can do with content loaded from two sites you
>> can't do with content loaded from one.
> Here's some I can think of:
> * Many sites are funded by displaying adverts from a third-party service
> which picks appropriate ads for the current user-page combination.
Serve ads from the host site.
> Further, I don't see how users can be tracked across multiple sites.
> This is useful to serve users a variety of different ads, rather than
> the same one lots of times, even as they read multiple sites which all
> use the same third party ad service.
That's a feature, not a bug. Or another way: users shouldn't be able to
be tracked across sites. That they are is a bug, not a feature.
> * Third party traffic analysis services, ranging from simple image hit-
> counters to something like Google Analytics, require being part of a
> page's loading.
Not all such services do require this though. Google Analytics
implementation decisions are not the only ones possible.
I don't have time to respond in detail to each of the valid points your
raise. I may later. However each of them can be handled in a different
way that doesn't require third party content and mashups. The reason we
have designed these systems this way is because it was quick and easy,
not because it was the only way to do these tasks. If we break these
things such that third party content is no longer the simplest solution
that could possibly work, then developers and sites will move on to the
next simplest solution.
The bottom line is that bad implementation decisions made years ago with
respect to third party content are causing security issues now. We can't
paper over these problems. Anything less than addressing the root cause
Addressing the root cause will cause pain because a lot of systems you
mention will have to be rewritten to work in the new world. So be it.
Nothing else will work, and the sooner we recognize that, the sooner
everything will be fixed.
Elliotte Rusty Harold elharo at metalab.unc.edu
Refactoring HTML Just Published!
More information about the whatwg