- From: Adam Barth <w3c@adambarth.com>
- Date: Sat, 24 Jan 2009 10:02:11 -0800
- To: Robert Sayre <sayrer@gmail.com>
- Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
On Sat, Jan 24, 2009 at 4:22 AM, Robert Sayre <sayrer@gmail.com> wrote:

> Sorry, of course. Let's substitute a JS-triggered form post, or even
> just a click on something that looks like a link but is an image form
> button, and continue productive discussion.

Of course there is no way for the user to determine whether an intranet site is leaking its host name to the Internet, but a site that wants to leak its host name doesn't need the Origin header to do this. The vast majority of intranet-to-Internet network requests are generated from hyperlinks. Do you have examples of intranet sites with sensitive host names that POST to untrusted Internet sites? Without even anecdotal evidence that this occurs, this privacy leak seems theoretical. (Of course, I'd prefer hard data to anecdotes.)

> Information on the quantity would be nice to have, but I don't think a
> new CSRF mitigation technique should introduce a privacy leak,
> especially when it looks like there might be a way to avoid it that
> you haven't explored.

I welcome suggestions for a solution that addresses the same use cases with further privacy protections.

Adam
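Added example, not part of the thread: a server-side Origin-header CSRF check of the kind being debated, together with the serialisation that shows what the header discloses (scheme and host, not path or query). The allowlist, the strict-vs-lenient handling of a missing header and the host names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Methods that must not change server state; the Origin header is not sent
# on plain hyperlink navigation, so these are never gated on it.
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def origin_of(url: str) -> str:
    """Serialise the origin (scheme://host[:port]) that a browser would place
    in the Origin header for a request initiated from `url`.

    Path, query and fragment are dropped on purpose. That is the difference
    from Referer, and it is also why the host name alone is what an intranet
    page would disclose when it POSTs to an Internet site."""
    parts = urlsplit(url)
    port = f":{parts.port}" if parts.port else ""
    return f"{parts.scheme}://{parts.hostname}{port}"


def csrf_check(method: str, headers: dict, allowed_origins: set,
               strict_missing: bool = True) -> bool:
    """Decide whether a request may proceed under an Origin-based CSRF policy.

    Safe methods always pass. State-changing requests must carry an Origin
    the site trusts. A missing header is rejected in strict mode; in lenient
    mode (constructed option for clients that never send the header) it is
    allowed, at the cost of no protection for those clients. The literal
    value "null" is treated as untrusted."""
    if method.upper() in SAFE_METHODS:
        return True
    # Header names are case-insensitive; normalise before lookup.
    lowered = {k.lower(): v for k, v in headers.items()}
    origin = lowered.get("origin")
    if origin is None:
        return not strict_missing
    if origin == "null":
        return False
    return origin in allowed_origins


if __name__ == "__main__":
    # Constructed scenario: an intranet page posting to an Internet site.
    intranet_page = "http://payroll.corp.example/reports?q=2009#top"
    sent = {"Origin": origin_of(intranet_page)}       # discloses host only
    site_allowlist = {"https://bank.example"}
    print("Origin sent:", sent["Origin"])
    print("Accepted by bank.example:", csrf_check("POST", sent, site_allowlist))
```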
Received on Saturday, 24 January 2009 18:02:47 UTC