- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Thu, 31 Jul 2014 21:49:36 +0200
- To: Brian Smith <brian@briansmith.org>
- Cc: Jacob S Hoffman-Andrews <jsha@eff.org>, Mike West <mkwst@google.com>, Webapps WG <public-webapps@w3.org>
On Thu, Jul 31, 2014 at 6:40 PM, Brian Smith <brian@briansmith.org> wrote: > On Thu, Jul 31, 2014 at 9:37 AM, Brian Smith <brian@briansmith.org> wrote: >> Web browsers with sandboxed child processes have the networking logic >> in the more-privileged parent process. The purpose of sandboxing is to >> protect against exploits in the child process. It would be useful for >> the process/privilege separation of sandboxing to be able to protect >> the values of passwords--even if it can't always protect the *use* of >> the passwords--even in the event of a compromised child process. > > By the way, I don't know if any browsers do this, but AFAICT HttpOnly > cookies can be protected by such process separation in the same way, > and we should ensure that ServiceWorkers is defined and implemented in > a way that allows for such protection to (continue to) work. Cookies (the non-HttpOnly kind) remain only exposed through document.cookie. Service workers, like XMLHttpRequest, have no access to cookies (including the non-HttpOnly kind) at all. -- http://annevankesteren.nl/
Received on Thursday, 31 July 2014 19:50:05 UTC