- From: B. Smedberg <bsmedberg@covad.net>
- Date: Mon, 19 May 2003 08:36:04 -0400
- To: "Kay, Michael" <Michael.Kay@softwareag.com>
- CC: Axel Hecht <axel@pike.org>, public-qt-comments@w3.org
Kay, Michael wrote: > The thinking here is that there are no security/sandbox issues in creating a > result tree, only in serializing it to persistent storage. We tried to > separate the two things. Perhaps we have stretched things too far with the > notion that a URI can be used to refer to a resource (a result tree) that is > not persistent. The thinking is that you can create as many result trees as Unfortunately, in a client-side implementation this assumption is incorrect. A browser uses security checks based on the URI to determine whether a page (a result-tree in this case) may link images, frames, and scripts, whether cookies are available to a page, etc. I don't think this matters for the spec, because this security checking is really an implementation detail. But it would almost certainly require that any absolute-URI-result-tree be rejected for security reasons out of hand (as is allowed by the spec). In addition, if relative URI's are used, the transformation has the potential to "shadow" other content, which is another security issue (also by the implementation). --BDS
Received on Monday, 19 May 2003 08:36:11 UTC