- From: Maciej Stachowiak <mjs@apple.com>
- Date: Mon, 2 Jan 2006 01:48:27 -0800
- To: public-cdf@w3.org
Section 2.2.1, event propagation to parent documents:

- This feature creates security issues for containing documents that use existing inclusion features. Now child documents can unilaterally decide to trigger any event handlers on any element in the parent document that contains the child. This may create unexpected security risks to documents that thought including child content was "safe" and would not thereby affect its keyboard and mouse handlers.

- This feature creates security issues for the contained document. It may wish to use an event to simply send a message to a parent document that is for security reasons otherwise inaccessible. However, because the Event interface includes the target node, it may therefore inadvertently expose its whole DOM.

- If cross-document event propagation is to be included, I request that it be changed so that both parent and child have to consent.

- But better yet, I recommend that cross-document event propagation be removed, and that instead cross-document communication be designed in a way that does not overload existing features, to minimize the security risk. One example would be cross-document messaging, as implemented in Opera: <http://virtuelvis.com/archives/2005/12/cross-document-messaging> and proposed for standardization by whatwg as part of Web Apps 1.0: <http://whatwg.org/specs/web-apps/current-work/#crossDocumentMessages>

Regards,
Maciej
Received on Monday, 2 January 2006 09:48:35 UTC
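
An added example, not part of the original message: a sketch of the two-sided consent the message asks for, written against the `window.postMessage` API that browsers ship today. The origins and the `{type: ...}` message shape are constructed, and `makeReceiver` and `sendTo` are hypothetical helper names.

```javascript
// Added example: mutual consent for cross-document messages.
// Origins and message shapes are constructed for illustration.

// Receiver side: consent is an explicit allow-list of sender origins.
// The application callback gets plain data only, never a DOM node or
// the sender's window object.
function makeReceiver(allowedOrigins, onData) {
  const allowed = new Set(allowedOrigins);
  return function handleMessage(event) {
    // Reject senders this document never agreed to hear from.
    if (!allowed.has(event.origin)) return false;
    let data;
    try {
      // Copy through JSON so only inert data reaches the application.
      data = JSON.parse(JSON.stringify(event.data));
    } catch (e) {
      return false;
    }
    // Accept only the expected message shape.
    if (data === null || typeof data !== "object") return false;
    if (typeof data.type !== "string") return false;
    onData(data, event.origin);
    return true;
  };
}

// Sender side: consent is naming the exact origin allowed to read
// the message; a wildcard would hand it to whoever is loaded there.
function sendTo(targetWindow, targetOrigin, data) {
  if (targetOrigin === "*") {
    throw new Error("refusing wildcard target origin");
  }
  targetWindow.postMessage(data, targetOrigin);
}

// In a page (assumed origin shown):
//   window.addEventListener("message",
//     makeReceiver(["https://parent.example"], handleData));
```

Unlike a propagated DOM event, the receiver here sees only the sender's origin and a copy of the data, so neither document's handlers or tree are reachable from the other side.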