- From: Adam Barth <w3c@adambarth.com>
- Date: Mon, 21 Feb 2011 11:22:31 -0800
- To: gaz Heyes <gazheyes@gmail.com>
- Cc: public-web-security@w3.org
On Mon, Feb 21, 2011 at 10:58 AM, gaz Heyes <gazheyes@gmail.com> wrote:
> On 21 February 2011 18:48, Adam Barth <w3c@adambarth.com> wrote:
>> Ah, I understand your point. That's true for some examples, but not
>> true in general. For example, sandbox policies, as defined by HTML5,
>> propagate to subframes. Although the document with the CSP policy
>> could use something like meta-refresh to circumvent the navigation
>> restrictions, the documents contained in subframes would not be able
>> to do so.
>
> Let's say that web site "A" hosts a CSP policy which by default blocks top
> navigation. They allow posting links. The attacker then posts a link to an
> external domain "B". In that domain the CSP configuration specifies
> allow-top-navigation. The attacker can now break out of the top redirect
> restriction for site "A". If the attacker can't do this because the policy
> cannot be overwritten then we have a different problem because the first
> policy can influence policy "B". I think the iframe attribute is the best
> place for this functionality.

Yes, I understand. However, consider the case where A contains a frame
to B. Now B cannot navigate A because of A's CSP policy.

Adam
Received on Monday, 21 February 2011 19:23:35 UTC
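
The frame case described in the message above, as an added example that is not part of the original thread: a simplified JavaScript model (not browser code) of HTML5 sandbox flags accumulating down a frame chain. The document objects, their field names and the two sample policies are constructed for illustration.

```javascript
// Simplified model of HTML5 sandbox flag propagation (added example).
// A flag present in a set means that capability is BLOCKED.
const ALL_FLAGS = ['top-navigation', 'scripts', 'forms', 'same-origin'];

// Turn a sandbox token list ("allow-scripts allow-forms") into blocked flags.
// null/undefined means "no sandbox policy" and blocks nothing;
// an empty string means "sandbox with no allowances" and blocks everything.
function parseSandbox(tokens) {
  if (tokens === null || tokens === undefined) return new Set();
  const allowed = new Set(tokens.split(/\s+/).filter(Boolean));
  return new Set(ALL_FLAGS.filter(f => !allowed.has('allow-' + f)));
}

// chain: documents from the top-level one down to the innermost frame.
// Each entry (hypothetical shape):
//   csp        - sandbox tokens from the document's own policy, or null
//   iframeAttr - sandbox attribute on the <iframe> embedding it, or null
// Flags only accumulate: a nested document can add restrictions through its
// own policy, but cannot remove ones inherited from its ancestors.
function activeFlags(chain) {
  let flags = new Set();
  for (const doc of chain) {
    flags = new Set([
      ...flags,
      ...parseSandbox(doc.iframeAttr),
      ...parseSandbox(doc.csp),
    ]);
  }
  return flags;
}

function canNavigateTop(chain) {
  return !activeFlags(chain).has('top-navigation');
}

// Constructed sample policies: A blocks top navigation, B tries to allow it.
const A = { name: 'A', csp: 'allow-scripts', iframeAttr: null };
const B = { name: 'B', csp: 'allow-scripts allow-top-navigation', iframeAttr: null };

console.log('B framed by A can navigate top:', canNavigateTop([A, B]));
console.log('B loaded as its own top-level page:', canNavigateTop([B]));
```

In this model B's `allow-top-navigation` has no effect while B is framed by A, and applies only when B is loaded as its own top-level document.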