W3C home > Mailing lists > Public > public-webapi@w3.org > June 2007

Re: ACTION-61: text for embedding part of the Window object

From: Boris Zbarsky <bzbarsky@MIT.EDU>
Date: Tue, 05 Jun 2007 01:35:45 -0500
Message-ID: <46650441.2050302@mit.edu>
To: Ian Hickson <ian@hixie.ch>
CC: "Web APIs WG (public)" <public-webapi@w3.org>

Ian Hickson wrote:

>> And this doesn't really address the concern I raised about window.name 
>> (and window targeting) seeing names set by some other site when it 
>> opened you in a popup...
> 
> That wasn't what the bug was about; could you elaborate on this concern 
> further? I'm not sure I remember which it was.

evil.com has:

var win = window.open("http://victim.com", "login-popup");

Now if victim.com does a window.open() into login-popup, not only does it 
overwrite itself (possibly unexpected), but evil.com gets a handle to the 
login-popup window.  Generally unexpected behavior all around....

It almost seems like window names should be scoped to origins....  But I bet 
that would break some site somewhere.  :(

-Boris
Received on Tuesday, 5 June 2007 06:36:02 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:57 GMT