[whatwg] Proposal for Links to Unrelated Browsing Contexts
Charlie Reis
creis at chromium.org
Wed Jun 6 16:56:47 PDT 2012
I'm hoping to bypass all of those by overriding any specification of target
in the link. That is, if "rel=unrelated" is specified, that forces target
to be "_blank".
Charlie
On Wed, Jun 6, 2012 at 4:53 PM, Michal Zalewski <lcamtuf at coredump.cx> wrote:
> Several questions:
>
> 1) How would this mechanism work with named windows (which may be targeted
> by means other than accessing opener.*)? In certain implementations (e.g.,
> Chrome), the separation in this namespace comes free, but that's not given
> for other browsers. There are ways in which the attacker could, for
> example, load GMail in a window that already has window.name set.
>
> 2) What would be the behavior of a rel=unrelated link with target=
> pointing to an existing iframe on the page? Could it work in any useful way?
>
> 3) What about the same with target= pointing to an existing window? Would
> that window become isolated? What would happen to the 'back' button /
> history.back()?
>
>
More information about the whatwg
mailing list