- From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
- Date: Wed, 02 Jul 2014 13:47:15 -0400
- To: David Walp <David.Walp@microsoft.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Received on Wednesday, 2 July 2014 17:47:48 UTC
Hi David-- On 07/01/2014 10:43 PM, David Walp wrote: > To address this use case we would propose that "arraybuffer" response > types be categorized as "Optionally-blockable passive content". > Although there are methods to pass non-media content through an > array buffer, we think the both server and client would need to > participate (agree in the encoding) in order to use an arraybuffer as a > security hole. Because both sides would need to be complicit, the > exploitable surface area seems acceptable. I don't think this follows. If the media traffic itself (or other parts of the XHR) is not protected by TLS, then it is *not* the case that both sides need to be complicit, since either of the parties could be replaced by an undetectable MITM for the cleartext traffic. It's possible that i'm not understanding your proposal properly, though; please correct me if i've missed something! Regards, --dkg
Received on Wednesday, 2 July 2014 17:47:48 UTC