- From: Michal Zalewski <lcamtuf@coredump.cx>
- Date: Wed, 19 Jan 2011 16:29:18 -0800
- To: Adam Barth <w3c@adambarth.com>
- Cc: Giorgio Maone <g.maone@informaction.com>, "sird@rckc.at" <sird@rckc.at>, public-web-security@w3.org, Sid Stamm <sid@mozilla.com>, Brandon Sterne <bsterne@mozilla.com>
> 2) Writing a correct JavaScript program that enforces a reasonable
> security policy is somewhat tricky. For example, we have a bunch of
> implementation experience with postMessage that shows that folks often
> write incorrect regular expressions when trying to filter messages.
> By using a more declarative policy language with a restricted syntax,
> we make it harder for folks to shoot themselves in the foot.

Declarative approaches are also way easier to audit.

FWIW, Ulfar proposed arbitrarily policing script behavior (http://www.usenix.org/event/hotos07/tech/full_papers/erlingsson/erlingsson.pdf). While that's an interesting piece of research, I think it's also a good cautionary tale against offering too much flexibility where it may be not necessary =)

/mz
Received on Thursday, 20 January 2011 00:30:12 UTC
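
The postMessage filtering problem raised in the quoted text, shown as an added example that is not part of the original message: a hand-written regular expression origin filter next to a declarative exact-match list, both run over the same inputs. The function names, the allowlist and every origin string are hypothetical values constructed for illustration.

```javascript
// Added example; all names and origins are constructed sample values.

// Imperative filter with two common regex mistakes: the dots are not
// escaped (they match any character) and the pattern has no end anchor.
const LOOSE_PATTERN = /^https:\/\/www.example.com/;

function looseOriginCheck(origin) {
  return LOOSE_PATTERN.test(origin);
}

// Declarative form: the policy is plain data, and the only logic is
// exact string equality against that data, which is easy to audit.
const ALLOWED_ORIGINS = Object.freeze([
  "https://www.example.com",
  "https://app.example.com",
]);

function strictOriginCheck(origin) {
  return typeof origin === "string" && ALLOWED_ORIGINS.includes(origin);
}

// Wrap a message handler so untrusted origins are dropped before the
// payload is touched. Returns true only when the message was accepted.
function makeHandler(check, onTrusted) {
  return function handleMessage(event) {
    if (!check(event.origin)) return false;
    onTrusted(event.data);
    return true;
  };
}

// Compare both filters over the same inputs to show where they disagree.
function auditOrigins(origins) {
  return origins.map((origin) => ({
    origin,
    loose: looseOriginCheck(origin),
    strict: strictOriginCheck(origin),
  }));
}

const SAMPLE_ORIGINS = [
  "https://www.example.com",           // intended sender
  "https://www.example.com.evil.test", // passes the unanchored regex
  "https://wwwxexample.com",           // passes via the unescaped dot
  "http://www.example.com",            // wrong scheme
  "null",                              // opaque origin, serialized
];

console.table(auditOrigins(SAMPLE_ORIGINS));
```

In a page, the wrapped handler would be registered with `window.addEventListener("message", ...)`; here it is called with plain objects so the comparison runs under Node.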