
Not reparsing when EOF inside comment

From: Henri Sivonen <hsivonen@iki.fi>
Date: Thu, 20 Mar 2008 16:16:23 +0200
Message-Id: <30315E51-CCE7-413C-AB49-7675D1AF7547@iki.fi>
To: HTML WG <public-html@w3.org>

In case reparsing upon EOF inside comment is considered:

Reparsing anything upon EOF is bad for security, because stuff that a  
gatekeeper thought was harmless can turn into a runnable script if an  
attacker manages to force a premature EOF e.g. by disrupting the  
network stream.

If the spec ends up specifying reparsing anyway, rewinding the byte  
stream to a particular point is more painful from an implementation  
perspective than simulating document.write with the decoded characters  
accumulated in the comment buffer.

-- 
Henri Sivonen
hsivonen@iki.fi
http://hsivonen.iki.fi/
Received on Thursday, 20 March 2008 14:17:13 GMT
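
The concern in the first paragraph of the message, as an added example that is not part of the original message or of any browser's code: a toy scanner (not a real HTML tokenizer) compares two ways of handling EOF inside a comment and lists every truncation point at which a client would see a live script in a document the gatekeeper approved. The policy names `emit-comment` and `reparse`, the function names and the sample document are assumptions made for illustration.

```javascript
// Toy scanner, not a real HTML tokenizer: returns the bodies of <script>
// elements that are live markup, i.e. not inside a <!-- ... --> comment.
// eofPolicy (hypothetical names) picks what happens when input ends in a comment:
//   "emit-comment": everything after "<!--" stays comment data
//   "reparse":      "<!--" becomes text and what followed is scanned as markup
function liveScripts(html, eofPolicy) {
  const found = [];
  let i = 0;
  while (i < html.length) {
    if (html.startsWith("<!--", i)) {
      const end = html.indexOf("-->", i + 4);
      if (end !== -1) { i = end + 3; continue; }   // well-formed comment
      if (eofPolicy === "emit-comment") break;      // EOF inside comment
      i += 4;                                       // reparse the comment body
      continue;
    }
    const m = /^<script\b[^>]*>([\s\S]*?)(?:<\/script\s*>|$)/i.exec(html.slice(i));
    if (m) { found.push(m[1]); i += m[0].length; continue; }
    i++;
  }
  return found;
}

// The gatekeeper inspects the complete document.
function gatekeeperAllows(html) {
  return liveScripts(html, "emit-comment").length === 0;
}

// Cut points at which a client using eofPolicy would see a live script.
// Empty means truncation cannot change the gatekeeper's verdict.
function unsafeCutPoints(html, eofPolicy) {
  const cuts = [];
  for (let n = 0; n <= html.length; n++) {
    if (liveScripts(html.slice(0, n), eofPolicy).length > 0) cuts.push(n);
  }
  return cuts;
}

// Constructed sample: a script that is inert because it sits in a comment.
const SAMPLE = "<p>a</p><!-- <script>track()</script> --><p>b</p>";

console.log("gatekeeper allows:", gatekeeperAllows(SAMPLE));
console.log("emit-comment:", unsafeCutPoints(SAMPLE, "emit-comment").length, "unsafe cuts");
console.log("reparse:", unsafeCutPoints(SAMPLE, "reparse").length, "unsafe cuts");
```

Running the same prefix sweep over a sanitizer's approved output is a quick way to check that a downstream parser's EOF handling cannot change the verdict.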
