[whatwg] origin+path namespacing and security
Mike Wilson
mikewse at hotmail.com
Fri Aug 28 02:17:36 PDT 2009
Adam Barth wrote:
> Mike Wilson <mikewse at hotmail.com> wrote:
> > - this mechanism needs a way to specify the blessed path,
> > maybe something along the lines of document.domain or a
> > response header
>
> 1) Document.domain is an abomination. We certainly don't want more
> features like that.
>
> 2) There's a race condition in such a "default insecure" approach: the
> excluded paths can just XSS the page before it opts in to tighter
> security.

I also wrote:
> > My chain of thoughts is something like below (this
> > is just a general picture so don't take it too
> > literally):

so please feel welcome to provide alternatives instead
of just killing the provided analogies.

But more interesting is, are you saying that it is not
possible, under any circumstance, to design a secure
opt-in mechanism in this case? My belief was that
security information delivered before the actual
document contents (like a response header) could
activate the desired security level before creation of
the related JS context.

Best regards
Mike