Re: Disallow plug-ins in text/html-sandboxed? (was: Re: text/sandboxed-html)

From: Tab Atkins Jr. <jackalmage@gmail.com>
Date: Sun, 24 Jan 2010 10:17:58 -0600
Message-ID: <dd0fbad1001240817n7d27cf62s910b2314354e9d3@mail.gmail.com>
To: Leonard Rosenthol <lrosenth@adobe.com>
Cc: Maciej Stachowiak <mjs@apple.com>, Adam Barth <w3c@adambarth.com>, Ian Hickson <ian@hixie.ch>, "public-html@w3.org" <public-html@w3.org>

On Sun, Jan 24, 2010 at 9:58 AM, Leonard Rosenthol <lrosenth@adobe.com> wrote:
> Guess it depends on your definition of "attack" and which side of the battle you sit on... (and it was also what led to my other message about "what is a plugin").
>
> As someone who wants to ensure that users can expose their content in formats other than HTML (regardless of what mechanisms are used to render that content), any features of HTML and its UAs that would enable someone to block those formats (against the authors' wishes) are an attack.

What I meant, though, is that a malicious server or proxy can do
*anything it wants* to the content passing through it.  Swapping
mimetypes is certainly possible, but so is changing all links to pdf
files that it detects to point to one on the attacker's site that says
"EFF ADOBE!!!".  (Or, you know, just strip the link out.)

When the attacker can do *literally anything* to the content, worrying
about it doing *one specific thing* to the content doesn't seem
reasonable.

~TJ
Received on Sunday, 24 January 2010 16:18:52 GMT
