Re: [ServiceWorker] Should window.caches be removed (or readonly) for security reasons? (#698) from Jake Archibald on 2015-06-08 (public-webapps-github@w3.org from June 2015)

From: Jake Archibald <notifications@github.com>
Date: Mon, 08 Jun 2015 07:20:47 -0700
To: slightlyoff/ServiceWorker <ServiceWorker@noreply.github.com>
Message-ID: <slightlyoff/ServiceWorker/issues/698/110010918@github.com>

So yeah, all browser storage that ServiceWorker may use to construct responses is vulnerable to this attack, not just `caches`, the only reason `caches` is more vulnerable is that people are more likely to use it for ServiceWorker responses than say IDB (in fact, I've seen people hack `caches` to be a simple key/value store rather than use IDB).

We *do* need a solution to this that works for all storage. Maybe a kill switch that moves all same-origin pages onto unique origins, like `sandbox`.

Still trying to figure out if restricting `window.caches` is an overreaction.

---
Reply to this email directly or view it on GitHub:
https://github.com/slightlyoff/ServiceWorker/issues/698#issuecomment-110010918

Received on Monday, 8 June 2015 14:21:14 UTC