W3C home > Mailing lists > Public > public-web-security@w3.org > February 2011

Re: CSP Directive Proposal: Sandbox

From: <sird@rckc.at>
Date: Mon, 21 Feb 2011 11:21:34 -0800
Message-ID: <AANLkTimwWwpGwrVH1N0Cg=rBxVEj+XdnFyDe8Qk9D==_@mail.gmail.com>
To: gaz Heyes <gazheyes@gmail.com>
Cc: Adam Barth <w3c@adambarth.com>, public-web-security@w3.org
Would be cool if we had a "disallow-navigation" rule which disallow's
the user to navigate to any links.

-- Eduardo




On Mon, Feb 21, 2011 at 10:58 AM, gaz Heyes <gazheyes@gmail.com> wrote:
> On 21 February 2011 18:48, Adam Barth <w3c@adambarth.com> wrote:
>>
>> Ah, I understand your point.  That's true for some example, but not
>> true in general.  For example, sandbox policies, as defined by HTML5,
>> propagate to subframes.  Although the document with the CSP policy
>> could use something like meta-refresh to circumvent the navigation
>> restrictions, the documents contained in subframes would not be able
>> to do so.
>
> Lets say that web site "A" hosts a CSP policy which by default blocks top
> navigation. They allow to post links. The attacker then posts a link to a
> external domain "B" in that domain the CSP configuration specifies
> allow-top-navigation the attacker can now break out of the top redirect
> restriction for site "A". If the attacker can't do this because the policy
> cannot be overwritten then we have a different problem because the first
> policy can influence policy "B". I think the iframe attribute is the best
> place for this functionality.
>
Received on Monday, 21 February 2011 19:22:27 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 21 February 2011 19:22:27 GMT