W3C home > Mailing lists > Public > public-wsc-wg@w3.org > January 2008

Re: IE Favorites Feature May Allow Phishing

From: Anil Saldhana <Anil.Saldhana@redhat.com>
Date: Fri, 25 Jan 2008 22:11:04 -0600
Message-ID: <479AB2D8.8050400@redhat.com>
To: "public-wsc-wg@w3.org" <public-wsc-wg@w3.org>



Thomas Roessler wrote:
> On 2007-10-29 15:32:06 -0500, michael.mccormick@wellsfargo.com wrote:
> 
>> I'm cross posting this to WSC for obvious reasons.  Should we say
>> something in our Note about the danger of UAs offering bookmark
>> APIs and/or allowing non-URLs (e.g., keyword shortcuts) in the
>> location bar?
> 
> Sounds like a possible issue for the Threat Trees note.
> 
> Also, we have ISSUE-95 suggesting that we should address
> bookmark-related APIs.

ISSUE-95 deals with bookmarks api.  Should we also deal with the keyword 
shortcuts (non-url) possibilities in the location bar?


-- 
Anil Saldhana
Project/Technical Lead,
JBoss Security & Identity Management
JBoss, A division of Red Hat Inc.
http://labs.jboss.com/portal/jbosssecurity/
Received on Saturday, 26 January 2008 04:11:19 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 5 February 2008 03:52:56 GMT