Re: widget example of CORS and UMP

On Fri, May 14, 2010 at 12:20 PM, Ojan Vafai <> wrote:
> On Fri, May 14, 2010 at 12:00 PM, Tyler Close <> wrote:
>> On Fri, May 14, 2010 at 11:27 AM, Dirk Pranke <>
>> wrote:
>> > You are correct that it is possible to use CORS unsafely. It is possible
>> > to use
>> > UMP unsafely,
>> Again, that is broken logic. It is possible to write unsafe code in
>> C++, but it is also possible to write unsafe code in Java, so there's
>> no security difference between the two languages. Please, this
>> illogical argument needs to die.
> This feels like a legal proceeding. Taken out of context, this sounds
> illogical, in the context of the rest of the paragraph Dirk's point makes
> perfect sense.

My email included all of Dirk's text. I didn't remove it from context.
I don't think it makes any sense, even in context.

> In the same way that CORS has security problems, so does UMP.

No, not in "the same way". The security issues are different in nature
and severity. You can't just say there exist problems in both, so
they're equivalent. That's not sensible.

> For example, I don't understand how UMP can ever work with GET requests.
> Specifically, how do you deal with users sharing URLs with malicious
> parties? Or is that not considered a problem?

You don't expose dangerous shared secrets to the user. You hide them
away where the user won't accidentally get at them. That's what
cookies try to do, but rather badly, as Adam has shown. There are
other ways to hide secret tokens from the user.


"Waterken News: Capability security on the Web"

Received on Friday, 14 May 2010 19:34:39 UTC