[whatwg] Dealing with UI redress vulnerabilities inherent to the current web

Adam Barth whatwg at adambarth.com
Tue Sep 30 09:55:15 PDT 2008


On Tue, Sep 30, 2008 at 9:31 AM, Henri Sivonen <hsivonen at iki.fi> wrote:
> This could be addressed by sending a cryptographic hash of the origin (using
> an algorithm that is commonly available in libraries used by server-side
> programmers).

Interesting idea.  So you're suggesting something like:

Origin-SHA1: 4e13de73de2d1a1c350eb4ae429bb7b009a21a84

This sounds like it would work well if the site owner knew exactly all
the origins he was expecting, but it makes it difficult to enforce a
policy like "process this request if it came from a subdomain of
example.com."  Also, as a server operator, if I start getting a bunch
of requests with a new origin hash, I'd have to guess whether this was
an attack or another service on my network that I forgot about.
(Traffic volumes might be a good clue about this.)

Adam
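To make the trade-off above concrete, here is an added Python example (not code from this thread or from any WHATWG draft). It assumes a hypothetical `Origin-SHA1` header carrying the hex SHA-1 of the serialized origin, with no salt or normalisation; a hashed origin can only be matched by equality against an enumerated allowlist, while a "subdomain of example.com" policy and the triage of unfamiliar hashes need the plaintext origin or traffic counts respectively.

```python
import hashlib
from collections import Counter
from typing import Iterable
from urllib.parse import urlsplit


def origin_sha1(origin: str) -> str:
    """Hex SHA-1 of a serialized origin, the value the hypothetical
    Origin-SHA1 header would carry (assumed: raw ASCII, no salt)."""
    return hashlib.sha1(origin.encode("ascii")).hexdigest()


def hash_allowlist(origins: Iterable[str]) -> set[str]:
    """Operator-side allowlist: every expected origin must be enumerated
    up front, because a hash can only be compared for equality."""
    return {origin_sha1(o) for o in origins}


def allowed_by_hash(header_value: str, allowlist: set[str]) -> bool:
    """Accept a request only if its Origin-SHA1 value is on the allowlist."""
    return header_value.lower() in allowlist


def allowed_by_suffix(origin: str, parent_domain: str) -> bool:
    """Policy 'accept parent_domain or any subdomain of it'. This needs the
    plaintext origin: the host is parsed out and compared, so an origin the
    operator never enumerated still matches."""
    host = urlsplit(origin).hostname
    if host is None:
        return False
    return host == parent_domain or host.endswith("." + parent_domain)


def unknown_hash_volumes(header_values: Iterable[str], allowlist: set[str]) -> Counter:
    """Tally requests whose origin hash is not on the allowlist; a sudden
    high-volume newcomer is the 'traffic volume' clue for triage."""
    return Counter(h for h in header_values if h not in allowlist)


if __name__ == "__main__":
    # Constructed sample: the operator enumerated two origins in advance.
    allow = hash_allowlist(["https://www.example.com", "https://api.example.com"])
    newcomer = "https://beta.example.com"  # legitimate, but never enumerated
    print(allowed_by_hash(origin_sha1(newcomer), allow))  # False: the hash cannot express the policy
    print(allowed_by_suffix(newcomer, "example.com"))  # True
    print(allowed_by_suffix("https://example.com.evil.test", "example.com"))  # False
```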
