- From: Hill, Brad <bhill@paypal-inc.com>
- Date: Tue, 13 Mar 2012 01:06:48 +0000
- To: Adam Barth <w3c@adambarth.com>
- CC: "public-webappsec@w3.org" <public-webappsec@w3.org>
Unless it's a content-type with by-design DOM-access. (java, swf, js, pdf, etc.) This is a really common problem in systems designed to serve attachments and user uploaded content: webmail, bulletin boards, sharepoint, etc. > -----Original Message----- > From: Adam Barth [mailto:w3c@adambarth.com] > Sent: Monday, March 12, 2012 6:01 PM > To: Hill, Brad > Cc: public-webappsec@w3.org > Subject: Re: XSS through content-sniffing: good case for CSP sandbox > directive > > On Mon, Mar 12, 2012 at 5:54 PM, Hill, Brad <bhill@paypal-inc.com> wrote: > > http://www.garage4hackers.com/f11/gmail-xss-vulnerability-through-cont > > ent-sniffing-2094.html?postcount=1 > > > > A good example of the type of bug we could reduce the impact of with a > > sandbox directive in CSP. > > Or IE could just implement http://mimesniff.spec.whatwg.org/ and avoid all > these vulnerabilities. > > Adam
Received on Tuesday, 13 March 2012 01:07:19 UTC