Re: New full Unicode for ES6 idea

On Sun, Feb 19, 2012 at 11:49 AM, Brendan Eich <brendan@mozilla.com> wrote:
[...]

> Not all engines mediate cross-same-origin-window accesses. I hear IE9+
> may, indeed rumor is it remotes to another process sometimes (breaking
> run-to-completion a bit; something we should explore breaking in the future
> for window=vat). SpiderMonkey just recently (not sure if this is in a
> Firefox channel yet) went to compartment per global, for good savings once
> things were refactored to maximize sharing of internal immutables.
>

Other than the origin truncation issue that I am still confused about, what
other benefits are there to mediating interframe access within the same
origin?


>
> My R2 resolution is not specific to any engine, but I have hopes it can be
> accepted. It is concrete enough to help overcome large-yet-vague doubts
> about implementation impact (at least IMHO). Recall that document.domain
> setting may have to split a merged same-origin window/frame graph, at any
> time. Again implementation solutions vary, but this suggests cross-window
> mediation can be interposed lazily.
>

How? By doing a full walk of the object graph and doing surgery on it? This
sounds more painful than imposing mediation up front. But I'm still hoping
that objects in same origin iframes can communicate directly, without
mediation.


>
> Another point: HTML5 WindowProxy (vs. Window, the global object on the
> scope chain) exists to solve navigation-away-from-same-origin security
> problems. Any JS that passes strings from one window to another must be
> using a WindowProxy to reference the other. There's a mediation point too.
>
> /be
>
>


-- 
    Cheers,
    --MarkM

Received on Sunday, 19 February 2012 20:31:51 UTC