[whatwg] The choice of script global object to use when the script element is moved
Boris Zbarsky
bzbarsky at MIT.EDU
Fri Sep 3 11:16:04 PDT 2010
On 9/3/10 1:55 PM, Jonas Sicking wrote:
> On Fri, Sep 3, 2010 at 10:47 AM, Adam Barth<w3c at adambarth.com> wrote:
>> I'm not sure it makes much of a difference from a security point of
>> view.
>
> Agreed. Pages can only move elements between pages that are in the
> same security context anyway so I can't really think of any attacks
> that any of the approaches would enable or disable.
Could it cause script to run from a <script> element that someone sticks
in a same-origin but sandboxed iframe if the non-sandboxed parent moves
some part of the DOM out before the parse is done?
-Boris
More information about the whatwg
mailing list