Re: [presentation-api] Receiving browsing context needs additional flags set

Setting _sandboxed top-level navigation browsing context flag_ is 
indeed required to ensure integrity. The presentation is effectively a
 single-page application that must not be able to navigate. This 
should have been caught up in the security review, but better late 
than never. Good catch!

Looking at the _sandboxed modals flag_, it prevents content from using
 the following:

* window.alert()
* window.confirm()
* window.print()
* window.prompt()

Also the following, but IIUC, not relevant here:

* window.showModalDialog() - This is already disallowed by the 
_sandboxed auxiliary navigation browsing context flag_ we set, and 
also not anymore in the _sandboxed modals flag_ list in HTML LS, so 
probably a spec bug in 5.1).

* the beforeunload event - In _terminate a presentation in a receiving
 browsing context_ we _unload a document_, thus this event is never 
fired when a presentation is terminated (the beforeunload event is 
only fired when a user agent is to _prompt to unload a document_).

@mfoltzgoogle @schien How do your implementations handle alert(), 
confirm, print(), or prompt()? How about we specify the implemented 
behaviour if it is consistent among known implementations.

-- 
GitHub Notification of comment by anssiko
Please view or discuss this issue at 
https://github.com/w3c/presentation-api/issues/414#issuecomment-282716160
 using your GitHub account

Received on Monday, 27 February 2017 13:12:38 UTC