
[File Upload] Security problems with File Upload

From: Ian Hickson <ian@hixie.ch>
Date: Fri, 22 Sep 2006 17:15:56 +0000 (UTC)
To: public-webapi@w3.org
Message-ID: <Pine.LNX.4.62.0609221700430.13053@dhalsim.dreamhost.com>


I'm concerned about the open() method on the FileDialog interface.

It seems like it would make it possible, through an attack like the famous 
fast clicking game, to cause a user to select a file (probably at random, 
but from the user's home directory, so likely a confidential file).

I would feel much more comfortable if the FileList API was provided merely 
as an extension to the HTMLInputElement interface, thus requiring authors 
to use an <input type=file> control, and requiring users to click the 
Browse button before the dialog would appear. (UAs can then guarantee that 
the fast clicking game attack will be unsuccessful, by positioning the 
file dialog such that the button location doesn't coincide with a 
sensitive part of the dialog.)

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
Received on Friday, 22 September 2006 17:16:10 GMT
