[whatwg] Blacklist for regsiterProtocolHandler()
Ian Hickson
ian at hixie.ch
Tue Apr 19 10:33:43 PDT 2011
On Tue, 12 Apr 2011, Lachlan Hunt wrote:
>
> We are investigating registerProtocolHandler and have been discussing
> the need for a blacklist of protocols to forbid.
>
> [...]
>
> We'd like to know if we've missed any important schemes that must be
> blocked, and we think it might be useful if the spec listed most of
> those, except for the vendor specific schemes, which should probably be
> left up to each vendor to worry about.
I haven't updated the spec yet, but it strikes me that maybe what we
should do instead is have a whitelist of protocols we definitely want to
allow (e.g. mailto:), and define a common prefix for protocols that are
used with this feature, in a similar way to how with XHR we've added Sec-*
as a list of headers _not_ to support.
So e.g. we could whitelist any protocol starting with "web+" and then
register that as a common extension point for people inventing protocols
for use with this feature, so that people writing OS-native apps would
know that if they used a protocol with that prefix it's something that any
web site could try to take over.
I'd be curious about people's opinions on that matter.
(If we did this, the whitelist may have to be updated occasionally to add
new protocols that people invented that we think are fine to be
overridden, but that are not "web+"-prefixed.)
--
Ian Hickson U+1047E )\._.,--....,'``. fL
http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,.
Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
More information about the whatwg
mailing list