W3C home > Mailing lists > Public > public-webapi@w3.org > April 2006

Re: ACTION-61: text for embedding part of the Window object

From: Boris Zbarsky <bzbarsky@mit.edu>
Date: Tue, 18 Apr 2006 18:51:42 -0500
Message-ID: <44457B8E.7060303@mit.edu>
To: Maciej Stachowiak <mjs@apple.com>
CC: "Web APIs WG (public)" <public-webapi@w3.org>

Maciej Stachowiak wrote:
> The name set by "window.open" persists across document loads normally, 
> and this seems analogous.

True, but there the name is set by the thing that "owns" the window, in some 
sense....

> Can you think of a way the existing browser behavior might be exploitable?

Well, browsers can target windows they've opened, so by setting window.name a 
site B opened from another site A can control which frames targeted links and 
window.open calls from site A are loaded in..

> Conversely, do you have a proposal for what the behavior should be?

Perhaps the window targeting checks should check against whoever set window.name 
  (including by opening the window) instead of just checking against the opener?

I think we could then allow sites to change window.name without introducing 
problems.

-Boris
Received on Tuesday, 18 April 2006 23:51:55 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:54 GMT