Re: ACTION-61: text for embedding part of the Window object

From: Boris Zbarsky <bzbarsky@mit.edu>
Date: Tue, 18 Apr 2006 18:51:42 -0500
Message-ID: <44457B8E.7060303@mit.edu>
To: Maciej Stachowiak <mjs@apple.com>
CC: "Web APIs WG (public)" <public-webapi@w3.org>

Maciej Stachowiak wrote:
> The name set by "window.open" persists across document loads normally, 
> and this seems analogous.

True, but there the name is set by the thing that "owns" the window, in some 

> Can you think of a way the existing browser behavior might be exploitable?

Well, browsers can target windows they've opened, so by setting window.name a 
site B opened from another site A can control which frames targeted links and 
window.open calls from site A are loaded in.

> Conversely, do you have a proposal for what the behavior should be?

Perhaps the window targeting checks should check against whoever set window.name 
(including by opening the window) instead of just checking against the opener?

I think we could then allow sites to change window.name without introducing 

Received on Tuesday, 18 April 2006 23:51:55 UTC
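
A toy model of the two targeting checks discussed in the message above, added here as an illustration; it is not part of the original post and not any browser's code. The `Win` class, the policy names, the origins and the window names are all hypothetical, and the model assumes a targeted open reuses the first same-named window that passes the check.

```javascript
// Toy model of named-window targeting; not real browser code.
// Origins and window names below are constructed for illustration.
class Win {
  constructor(id, openerOrigin, name, contentOrigin) {
    this.id = id;
    this.openerOrigin = openerOrigin;   // origin that called window.open
    this.name = name;
    this.nameSetBy = openerOrigin;      // opening a window counts as naming it
    this.contentOrigin = contentOrigin; // origin of the loaded document
    this.loaded = [];                   // URLs navigated into this window
  }
  // Models a script in the loaded document assigning window.name.
  setName(name) {
    this.name = name;
    this.nameSetBy = this.contentOrigin;
  }
}

// The two targeting checks compared in the thread.
const POLICIES = {
  opener: (w, caller) => w.openerOrigin === caller,
  nameSetter: (w, caller) => w.nameSetBy === caller,
};

// Models window.open(url, name) or <a target=name> issued by `caller`.
function openTargeted(windows, caller, url, name, policy) {
  const allowed = POLICIES[policy];
  let target = windows.find(w => w.name === name && allowed(w, caller));
  if (!target) {
    // No window the caller may target under that name: create a fresh one.
    target = new Win(windows.length + 1, caller, name, caller);
    windows.push(target);
  }
  target.loaded.push(url);
  return target;
}

// Scenario from the message: A opens B, then B renames its own window.
function scenario(policy) {
  const A = 'https://a.example', B = 'https://b.example';
  const windows = [new Win(1, A, 'promo', B)];
  windows[0].setName('checkout');       // B picks a name A will use later
  const hit = openTargeted(windows, A, A + '/pay', 'checkout', policy);
  return { reusedBsWindow: hit.id === 1, windowCount: windows.length };
}
```

With the `opener` check, A's targeted load lands in the window B renamed; with the `nameSetter` check, A gets a fresh window because B, not A, set that name.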
