hixie: Warn readers about sandboxing not being a panacea. (whatwg r4615) from poot on 2010-01-20 (public-html-diffs@w3.org from January 2010)

From: poot <cvsmail@w3.org>
Date: Wed, 20 Jan 2010 09:47:17 +0900 (JST)
To: public-html-diffs@w3.org
Message-Id: <20100120004717.BD6B32BBEA@toro.w3.mag.keio.ac.jp>

hixie: Warn readers about sandboxing not being a panacea. (whatwg r4615)

http://dev.w3.org/cvsweb/html5/spec/Overview.html?r1=1.3675&r2=1.3676&f=h
http://html5.org/tools/web-apps-tracker?from=4614&to=4615

===================================================================
RCS file: /sources/public/html5/spec/Overview.html,v
retrieving revision 1.3675
retrieving revision 1.3676
diff -u -d -r1.3675 -r1.3676
--- Overview.html 19 Jan 2010 07:18:33 -0000 1.3675
+++ Overview.html 20 Jan 2010 00:46:31 -0000 1.3676
@@ -262,7 +262,7 @@
    <h1>HTML5</h1>
    <h2 class="no-num no-toc" id="a-vocabulary-and-associated-apis-for-html-and-xhtml">A vocabulary and associated APIs for HTML and XHTML</h2>
 
-   <h2 class="no-num no-toc" id="editor-s-draft-19-january-2010">Editor's Draft 19 January 2010</h2>
+   <h2 class="no-num no-toc" id="editor-s-draft-20-january-2010">Editor's Draft 20 January 2010</h2>
    <dl><dt>Latest Published Version:</dt>
     <dd><a href="http://www.w3.org/TR/html5/">http://www.w3.org/TR/html5/</a></dd>
     <dt>Latest Editor's Draft:</dt>
@@ -361,7 +361,7 @@
   specification's progress along the W3C Recommendation
   track.
 
-  This specification is the 19 January 2010 Editor's Draft.
+  This specification is the 20 January 2010 Editor's Draft.
   </p><!-- UNDER NO CIRCUMSTANCES IS THE PRECEDING PARAGRAPH TO BE REMOVED OR EDITED WITHOUT TALKING TO IAN FIRST --><!-- relationship to other work (required) --><p>This specification is part of <a href="http://www.whatwg.org/specs/web-apps/current-work/multipage/">a
   larger specification</a> being produced by the <a href="http://www.whatwg.org/">WHATWG</a>.
   <!-- UNDER NO CIRCUMSTANCES IS THE FOLLOWING PARAGRAPH TO BE REMOVED OR EDITED WITHOUT TALKING TO IAN FIRST -->
@@ -16859,7 +16859,11 @@
   <code title="attr-iframe-sandbox-allow-same-origin"><a href="#attr-iframe-sandbox-allow-same-origin">allow-same-origin</a></code>
   keywords together when the embedded page has the <a href="#same-origin">same
   origin</a> as the page containing the <code><a href="#the-iframe-element">iframe</a></code> allows
-  the embedded page to simply remove the <code title="attr-iframe-sandbox"><a href="#attr-iframe-sandbox">sandbox</a></code> attribute.<div class="impl">
+  the embedded page to simply remove the <code title="attr-iframe-sandbox"><a href="#attr-iframe-sandbox">sandbox</a></code> attribute.<p class="warning">Sandboxing hostile content is of minimal help if
+  an attacker can convince the user to just visit the hostile content
+  directly, rather than in the <code><a href="#the-iframe-element">iframe</a></code>. To limit the
+  damage that can be caused by hostile HTML content, it should be
+  served using the <code><a href="#text-html-sandboxed">text/html-sandboxed</a></code> MIME type.<div class="impl">
 
   <!-- v2: Add a new attribute that enables new restrictions, e.g.:
        - disallow cross-origin loads of any kind (networking

Received on Wednesday, 20 January 2010 00:47:46 UTC