W3C home > Mailing lists > Public > www-forms@w3.org > March 2003

RE: XForms - Secure or Insecure?

From: Micah Dubinko <MDubinko@cardiff.com>
Date: Thu, 13 Mar 2003 17:40:04 -0800
Message-ID: <BD2DBD26EE0BAA48B1A425C7BE7923002D0243@csmail.cardiff.com>
To: "'www-forms@w3.org'" <www-forms@w3.org>

David, Andrew,

The main difference against today's HTML/DOM is that nobody has widely
implemented support for the file: scheme in HTML forms. Without XML, that
feature doesn't make much sense.

The original point 1 is simply wrong -- nowhere does XForms define a
situation where user data is taken from the file system into XML instance
data without specific user action.

Further, an entire appendix is devoted to privacy issues and letting users
know what they're sending.

Point 2 is possible on poor implementations, which is why the XForms spec
cautions implementers about security issues associated with the 'file'
scheme, among others. It's worth noting that modern browser practice include
cross-domain security limitations and various forms of sandboxing, applying
to the entire browser, not just forms. A "Security Guidelines for User
Agents" specification would be interesting to read, but I wouldn't want to
be the one stuck producing it. :-)

.micah

-----Original Message-----
From: David Cleary [mailto:davec@progress.com]
Sent: Thursday, March 13, 2003 9:03 AM
To: www-forms@w3.org
Subject: RE: XForms - Secure or Insecure?


> -----Original Message-----
> From: w3c-forms-request@w3.org [mailto:w3c-forms-request@w3.org]On
> Behalf Of AndrewWatt2001@aol.com
> There are two potential sources of security concern:
> 1. That a malicious XForms-containing document can upload files
> from a user's
> computer without their knowledge
> 2. A malicious XForms-containing document could download a virus or other
> nasty to the user's computer.

How are these concerns addressed by HTML/DOM today, and why would XForms be
less secure?

David Cleary
Received on Thursday, 13 March 2003 20:40:06 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Saturday, 10 March 2012 06:21:54 GMT