[whatwg] @srcdoc and default @sandbox

From: Maciej Stachowiak <mjs@apple.com>
Date: Mon, 30 Aug 2010 13:57:47 -0700
Message-ID: <FF71120D-9403-4719-9A77-881EE1D1D8C8@apple.com>

On Aug 30, 2010, at 11:27 AM, Justin Schuh wrote:

> On Mon, Aug 30, 2010 at 10:18 AM, Maciej Stachowiak <mjs at apple.com> wrote:
>> 
>> I think it's better to let these remain orthogonal features. In general I think it is a net negative to usability when Feature A implicitly turns on Feature B. Implicit relationships like this make the Web platform more confusing.
> 
> Security features are typically effective only when deployed in
> concert and when they default to their most restrictive state. As I
> understand, srcdoc is intended primarily as a security feature
> (because non-security use cases already have solutions). So, srcdoc
> should behave like a well-spec'd security feature and provide its
> strongest level of protection by default, requiring the author to
> scale it back if needed. Otherwise we'll end up with common vulnerable
> cases because many people will expect secure default behavior,
> regardless of whether or not we spec it.

At least as currently drafted, srcdoc is not a security feature. It's a convenience feature. It is also designed to work well in tandem with a particular security feature (sandbox). But by itself, it is not a security feature.

Regards,
Maciej
Received on Monday, 30 August 2010 13:57:47 UTC
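
Added example, not part of the original message or of any spec text: since srcdoc does not turn on sandbox by itself, a markup audit has to check the pairing explicitly. This Python code flags srcdoc iframes that carry no sandbox attribute and, going one step beyond the message, sandbox values that grant both allow-scripts and allow-same-origin; the class name, finding labels and sample markup are constructed for illustration.

```python
from html.parser import HTMLParser

# With both tokens set, same-origin framed content (which srcdoc content is)
# can script the parent document and remove its own sandbox attribute.
ESCAPE_PAIR = {"allow-scripts", "allow-same-origin"}


class SrcdocAudit(HTMLParser):
    """Collect (line, finding) pairs for <iframe srcdoc> elements."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        attr = {}
        for name, value in attrs:        # names arrive lowercased
            attr.setdefault(name, value)  # browsers keep the first duplicate
        if "srcdoc" not in attr:
            return
        line, _col = self.getpos()
        if "sandbox" not in attr:
            self.findings.append((line, "srcdoc-without-sandbox"))
            return
        # A bare `sandbox` attribute has value None: all restrictions apply.
        tokens = set((attr["sandbox"] or "").lower().split())
        if ESCAPE_PAIR <= tokens:
            self.findings.append((line, "sandbox-allows-scripts-and-same-origin"))


def audit(html):
    """Return the findings for one HTML document given as a string."""
    parser = SrcdocAudit()
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed sample markup, one iframe per line.
SAMPLE = """<!-- constructed sample -->
<iframe srcdoc="&lt;p&gt;user comment&lt;/p&gt;"></iframe>
<iframe sandbox srcdoc="&lt;p&gt;user comment&lt;/p&gt;"></iframe>
<iframe sandbox="allow-scripts allow-same-origin" srcdoc="&lt;p&gt;hi&lt;/p&gt;"></iframe>
<iframe src="https://example.com/"></iframe>
"""

if __name__ == "__main__":
    for line, finding in audit(SAMPLE):
        print(f"line {line}: {finding}")
```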