On Wed, Dec 10, 2008 at 2:55 AM, Marcos Caceres <marcosscaceres@gmail.com> wrote:
> The content element is defined here:
> http://dev.w3.org/2006/waf/widgets/#the-content
>
> Would certainly appreciate more details about the security threat.

Thanks for the pointer. As timeless points out, this doesn't look like a security issue in this context because the content can be included only from within the widget.

In other settings, you have to be careful about sites that let users upload content. For example, many sites let users upload images. If you take an HTTP response from one of these sites and override its Content-Type, you might be tricked into running the attacker's HTML in the honest site's security context.

Adam

Received on Wednesday, 10 December 2008 18:08:38 GMT
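The Content-Type override risk described in the message above, shown from the consumer's side as an added example (not part of the original post or of the Widgets specification). The function names, the `sameOrigin` flag and the list of active types are assumptions made for illustration.

```javascript
// Added example: hypothetical helper names, not from the Widgets spec.
// Illustrative (assumed) list of media types a user agent treats as active content.
const ACTIVE_TYPES = new Set([
  "text/html", "application/xhtml+xml", "image/svg+xml",
  "text/javascript", "application/javascript", "text/xml", "application/xml",
]);

// Reduce a Content-Type header value to its lowercase type/subtype.
function baseType(headerValue) {
  if (typeof headerValue !== "string") return "";
  return headerValue.split(";")[0].trim().toLowerCase();
}

// Decide which type to honor when the including document asks for
// `overrideType` and the server labelled the response `serverType`.
// sameOrigin: true when the response comes from the includer's own package
// or origin, as in the widget case discussed in the thread.
function resolveType(serverType, overrideType, sameOrigin) {
  const declared = baseType(serverType);
  const requested = baseType(overrideType);
  const fallback = declared || "application/octet-stream";
  if (!requested || requested === declared) {
    return { type: fallback, overridden: false };
  }
  // The includer's own content: the override crosses no security boundary.
  if (sameOrigin) return { type: requested, overridden: true };
  // Another site's response (for example a user-uploaded "image"): never
  // upgrade it to an active type that the serving site did not declare.
  if (ACTIVE_TYPES.has(requested)) {
    return { type: fallback, overridden: false,
             reason: "override to active type refused" };
  }
  return { type: requested, overridden: true };
}
```
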
This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:01 GMT