Re: Disallow plug-ins in text/html-sandboxed? (was: Re: text/sandboxed-html)

On Sun, Jan 24, 2010 at 9:58 AM, Leonard Rosenthol <lrosenth@adobe.com> wrote:
> Guess it depends on your definition of "attack" and which side of the battle you sit on... (and it was also what led to my other message about "what is a plugin").
>
> As someone who wants to ensure that users can expose their content in formats other than HTML (regardless of what mechanisms are used to render that content), any features of HTML and its UAs that would enable someone to block those formats (against the authors' wishes) is an attack.

What I meant, though, is that a malicious server or proxy can do
*anything it wants* to the content passing through it.  Swapping
mimetypes is certainly possible, but so is changing all links to pdf
files that it detects to point to one on the attacker's site that says
"EFF ADOBE!!!".  (Or, you know, just strip the link out.)

When the attacker can do *literally anything* to the content, worrying
about it doing *one specific thing* to the content doesn't seem
reasonable.

~TJ

Received on Sunday, 24 January 2010 16:18:52 UTC