Re: Understanding the security model for the sandbox directive

From: Adam Barth <w3c@adambarth.com>
Date: Fri, 4 Nov 2011 09:37:20 -0700
Message-ID: <CAJE5ia-T0qik-F-DodUFFGn6pFTDz2gq=BnbRqR9ceW8M9PWMg@mail.gmail.com>
To: dveditz <dveditz@mozilla.com>
Cc: public-web-security@w3.org, jrossi@microsoft.com

On Fri, Nov 4, 2011 at 8:26 AM, dveditz <dveditz@mozilla.com> wrote:
> What do you mean by "main frame"? The top document, or the document in a
> <frame> element in the top document?

The top document.

> A sandbox directive should apply to any document no matter where loaded, and
> should not pollute the container it is loaded in for future documents. If we
> start with those as consistency principles what works and what doesn't?

The unique origin seems to work, but I'm not sure the other tokens
work.  The example I gave previously was script execution.  The
attacker cannot execute script in the sandboxed document itself, but
he/she can trigger a navigation to another (non-sandboxed) document,
which can execute script.

> What model does IE 10 follow? What have they learned from their
> implementation?

I'm hoping jrossi can shed some light on that question.

Adam
Received on Friday, 4 November 2011 16:38:29 GMT
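
The navigation case described in the message above, as an added example that is not part of the original post: a simplified JavaScript model in which sandbox tokens can come from the container (`<iframe sandbox>`) or from the document's own sandbox directive. The class, function names and URLs are hypothetical and constructed for illustration; only the `allow-scripts` token is a real sandbox token.

```javascript
// Simplified model (added example, not browser code): a capability is allowed
// only if every sandbox that applies to the current document grants it.
class BrowsingContext {
  // containerTokens: tokens from <iframe sandbox="...">, or null when the
  // container carries no sandbox attribute (always the case for the top document).
  constructor(containerTokens = null) {
    this.containerTokens = containerTokens;
    this.doc = null;
  }

  // Load a response. directiveTokens is that response's sandbox directive,
  // or null when the response sends none. The directive belongs to the
  // document, so it is replaced on every navigation.
  navigate(url, directiveTokens = null) {
    this.doc = { url, directiveTokens };
    return this;
  }

  allows(token) {
    const sources = [this.containerTokens, this.doc.directiveTokens]
      .filter((tokens) => tokens !== null);
    return sources.every((tokens) => tokens.includes(token));
  }
}

// Replay a navigation sequence and record whether script may run in each document.
function replay(ctx, steps) {
  return steps.map(([url, directive]) => ({
    url,
    scripts: ctx.navigate(url, directive).allows("allow-scripts"),
  }));
}

// Constructed sequence: a document sandboxed by its own directive (no tokens),
// followed by a navigation to a document that sends no directive.
const steps = [
  ["https://example.test/untrusted", []],
  ["https://example.test/other", null],
];

// Directive only: the restriction ends when the sandboxed document is replaced.
const directiveOnly = replay(new BrowsingContext(null), steps);
// Container sandbox as well: the restriction stays with the browsing context.
const containerToo = replay(new BrowsingContext([]), steps);

console.log(directiveOnly, containerToo);
```

In this model the directive alone satisfies the "does not pollute the container" principle, and for the same reason its script restriction does not outlive the document; an embedder that needs the restriction to persist across navigations has to place it on the container.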
