Re: [Bug 13373] New: Privacy: Limit SharedWorker connections to same top-level domain from Thomas Roessler on 2011-07-26 (public-web-security@w3.org from July 2011)

From: Thomas Roessler <tlr@w3.org>
Date: Tue, 26 Jul 2011 15:25:16 -0400
To: WebApps WG <public-webapps@w3.org>, travil@microsoft.com
Cc: Thomas Roessler <tlr@w3.org>, Lieven Desmet <lieven.desmet@cs.kuleuven.be>, public-web-security <public-web-security@w3.org>
Message-Id: <FF204E24-A32C-4649-B9E1-479C4B3A249E@w3.org>

Travis,

I suspect you mean second-level domain (microsoft.com, w3.org) instead of top-level domain (.com, .net, .org).

Further, I'll observe that consistency with other, similar security policies would be valuable instead of introducing yet another privacy policy.  Adding public-web-security to the CC list.

Regards,
--
Thomas Roessler, W3C  <tlr@w3.org>  (@roessler)







On Jul 26, 2011, at 15:18 , bugzilla@jessica.w3.org wrote:

> http://www.w3.org/Bugs/Public/show_bug.cgi?id=13373
> 
>           Summary: Privacy: Limit SharedWorker connections to same
>                    top-level domain
>           Product: WebAppsWG
>           Version: unspecified
>          Platform: PC
>        OS/Version: Windows NT
>            Status: NEW
>          Severity: normal
>          Priority: P2
>         Component: Web Workers (editor: Ian Hickson)
>        AssignedTo: ian@hixie.ch
>        ReportedBy: travil@microsoft.com
>         QAContact: member-webapi-cvs@w3.org
>                CC: mike@w3.org, public-webapps@w3.org
> 
> 
> Per privacy discussion [1], Shared Workers should have a privacy clause
> allowing UA's to prevent SharedWorkers from connecting when they detect that a
> user's privacy could be at risk.
> 
> It is recommended that in addition to the existing checks (steps 7.5, 7.6,
> 7.7.1) for making a connection to a SharedWorker [2], another check should be
> added that compares the top-level domain of the candiate shared worker global
> scope's owning document(s) to the top-level document of the script that invoked
> the constructor. If they are the same, then the connection is allowed to
> proceed; otherwise, a new SharedWorkerGlobalScope should be created.
> 
> This addition privacy clause would allow connections for iframes of the same
> domain within a top-level document:
> 
> Top Level Window - http://a.com
>     Iframe_one - http://b.com
>     iframe_two - http://b.com
> 
> Iframe_one and iframe_two would be allowed to connect... but would disallow
> connections for a different top-level document:
> 
> Top Level Window - http://c.com
>     iframe_three - http://b.com
> 
> iframe_three would get a unique shared worker, separate from the one shared by
> iframe_one & iframe_two.
> 
> [1] http://lists.w3.org/Archives/Public/public-webapps/2011AprJun/0293.html
> [2] http://dev.w3.org/html5/workers/#sharedworker
> 
> -- 
> Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
> ------- You are receiving this mail because: -------
> You are on the CC list for the bug.
> 
>

Received on Tuesday, 26 July 2011 19:25:19 UTC