- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Tue, 05 Jun 2007 01:35:45 -0500
- To: Ian Hickson <ian@hixie.ch>
- CC: "Web APIs WG (public)" <public-webapi@w3.org>
Ian Hickson wrote: >> And this doesn't really address the concern I raised about window.name >> (and window targeting) seeing names set by some other site when it >> opened you in a popup... > > That wasn't what the bug was about; could you elaborate on this concern > further? I'm not sure I remember which it was. evil.com has: var win = window.open("http://victim.com", "login-popup"); Now if victim.com does a window.open() into login-popup, not only does it overwrite itself (possibly unexpected), but evil.com gets a handle to the login-popup window. Generally unexpected behavior all around.... It almost seems like window names should be scoped to origins.... But I bet that would break some site somewhere. :( -Boris
Received on Tuesday, 5 June 2007 06:36:02 UTC