[whatwg] "Content-Disposition" property for <a> tags

From: Michal Zalewski <lcamtuf@coredump.cx>
Date: Sat, 30 Apr 2011 12:12:17 -0700
Message-ID: <BANLkTi=2ogtwbcE_HHV469dA7Y5-iXRtvQ@mail.gmail.com>
> So, it's not so much the security issue (the browser's job), but an
> appearance-of-fault issue: the site not wanting to be blamed if the
> browser fails at that job.

Well, the browser does the best it can (i.e., documents the origin of
a download), and the user does the best he can (examines the displayed
origin). If that's not enough, then we have a problem.

(That's not unique to disposition=, by the way; on unrecognized MIME
types, browsers often derive the file name from the notoriously unreliable
URL path signal, which is completely controlled by the attacker in
cases such as the PATH_INFO mechanism in Apache.)

/mz
Received on Saturday, 30 April 2011 12:12:17 GMT
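The point above is that when a server does not state a file name, the browser falls back to the last URL path segment, which a PATH_INFO-style URL lets the requester choose. The added example below (not code from the thread or from any browser or server project; the host example.test, the function names and the fallback name "download" are assumptions) contrasts that path-derived name with an explicit, sanitized Content-Disposition header carrying both an ASCII fallback and an RFC 5987 filename* parameter, so the download name is the server's choice rather than the URL's.

```python
import re
from urllib.parse import quote, urlsplit

# Characters kept as-is in the plain ASCII filename= fallback; everything else becomes "_".
_UNSAFE_ASCII = re.compile(r'[^A-Za-z0-9._ -]')


def url_path_name(url: str) -> str:
    """The name a browser typically falls back to when no Content-Disposition
    filename is sent: the last segment of the URL path (query ignored).
    With PATH_INFO, that trailing segment is whatever the requester appended."""
    return urlsplit(url).path.rsplit("/", 1)[-1]


def sanitize_filename(name: str, fallback: str = "download") -> str:
    """Reduce a name chosen by the application to a single, non-empty basename.
    Directory separators, NUL bytes and leading dots are removed so the result
    can never point outside a folder or become a hidden/empty file name."""
    name = name.replace("\\", "/").split("/")[-1].replace("\x00", "")
    name = name.strip().lstrip(".")
    if not name:
        return fallback
    return name[:255]  # keep within common filesystem name limits


def content_disposition(name: str, inline: bool = False) -> str:
    """Build a Content-Disposition value that names the download explicitly.
    filename=  carries an ASCII-only fallback for older user agents;
    filename*= carries the UTF-8 name percent-encoded per RFC 5987/6266."""
    safe = sanitize_filename(name)
    disposition = "inline" if inline else "attachment"
    ascii_fallback = _UNSAFE_ASCII.sub("_", safe) or "download"
    encoded = quote(safe, safe="")  # percent-encode everything but unreserved chars
    return f'{disposition}; filename="{ascii_fallback}"; filename*=UTF-8\'\'{encoded}'


if __name__ == "__main__":
    # Constructed sample URL: the script path is fetch.cgi, the rest is PATH_INFO.
    sample = "https://example.test/cgi-bin/fetch.cgi/anything-at-all.exe?id=42"
    print("browser fallback name:", url_path_name(sample))
    print("server-chosen header: ", content_disposition("report 2011.pdf"))
    print("non-ASCII example:    ", content_disposition("résumé.pdf"))
```

The header builder deliberately never consults the request URL; the name comes from the application's own record of the resource, which is what removes the URL path from the decision entirely.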

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 30 January 2013 18:48:03 GMT