W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2013

webappsec-ISSUE-52 (unsafe DOM API): unsafe attribute requires every handler to check [UI Security]

From: Web Application Security Working Group Issue Tracker <sysbot+tracker@w3.org>
Date: Thu, 25 Apr 2013 23:53:28 +0000
Message-Id: <E1UVVyi-0002cm-VJ@tibor.w3.org>
To: public-webappsec@w3.org
webappsec-ISSUE-52 (unsafe DOM API): unsafe attribute requires every handler to check [UI Security]

http://www.w3.org/2011/webappsec/track/issues/52

Raised by: Brad Hill
On product: UI Security

abarth: requiring every handler to check unsafe makes it difficult to write the correct code.  better would be to be able to provide a wrapper function that filters or intercepts all unsafe events so they can be acted on wherever they are generated.
Received on Thursday, 25 April 2013 23:53:30 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:01 UTC