RE: CfC: publish a new Working Draft of Web IDL; deadline October 18

For IE9, we've adopted this attribute as well [msDoNotCheckDomainSecurity]

It has different meanings for different types of properites (fields vs. accessors) and causes some proxies to be setup, but generally speaking it does allow requests for the property to go through without an "access denied" hard-stop.

I'm not sure how far WebIDL should go toward specing the security aspects of this attribute if it decides to include it. There are a lot of considerations that IE had to put in place to ensure we were secure, and they are quite varied depending on the scenario. 

My recommendation, if this attribute gets included into the WebIDL syntax, would be merely to indicate what it's intended purpose is, and to leave a general note about further security precautions that should be taken by an implementation to avoid cross-domain problems (or something like that). Starting down the road of defining all the possible attacks and mitigations may not be the best route to take (for this spec anyway).

-Travis

-----Original Message-----
From: public-script-coord-request@w3.org [mailto:public-script-coord-request@w3.org] On Behalf Of Shiki Okasaka
Sent: Monday, October 11, 2010 5:48 PM
To: Shiki Okasaka; public-script-coord; public-webapps
Subject: Re: CfC: publish a new Working Draft of Web IDL; deadline October 18

Thanks, Cameron.

[DoNotCheckDomainSecurity] is one of the WebKit IDL's attributes, briefly described here:

  http://www.adambarth.com/papers/2009/barth-weinberger-song.pdf


I think security related attributes like this would be very helpful, too.

 - Shiki

2010/10/12 Cameron McCormack <cam@mcc.id.au>:
> -minus various people
>
> Shiki Okasaka:
>> You've been missed, Cameron!
>>
>> Just a reminder, my wish list is here (this doesn't have to be 
>> reflected in the very next WD, though):
>>   
>> http://lists.w3.org/Archives/Public/public-script-coord/2010JanMar/00

>> 03.html A signed 8 bit integer type has been required in WebGL.
>
> Thanks for pointing these out.  I’ve made sure they all have issue 
> boxes in the spec.  The one I can find the least information about is 
> [DoNotCheckDomainSecurity].  What are its requirements – just allow 
> property accesses that would normally be blocked because they are 
> cross origin?  Is it something HTML5 would use?
>
> Thanks,
>
> Cameron
>
> --
> Cameron McCormack ≝ http://mcc.id.au/

>

Received on Thursday, 21 October 2010 20:39:32 UTC