- From: Brad Hill <hillbrad@fb.com>
- Date: Mon, 1 Dec 2014 22:13:26 +0000
- To: Deian Stefan <deian@cs.stanford.edu>, "public-webappsec@w3.org" <public-webappsec@w3.org>
As workers are specified today, yes. I would also like to see Cross-Origin + Sandboxed workers in the future, which is why I broke this requirement out into two clauses, so we can go in that direction if needed or desired.

-Brad

On 12/1/14, 2:04 PM, "Deian Stefan" <deian@cs.stanford.edu> wrote:

>
>Brad Hill <hillbrad@fb.com> writes:
>
>> We talked on list in the past about using CSP + sandbox to disable
>> ServiceWorkers.
>>
>> I'd like to propose adding the following normative note to the sandbox
>> directive in CSP. I believe this is already implied by:
>>
>>
>>https://urldefense.proofpoint.com/v1/url?u=https://w3c.github.io/webappse
>>c/specs/content-security-policy/%23which-policy&k=ZVNjlDMF0FElm4dQtryO4A%
>>3D%3D%0A&r=HU3cThGizwgsko8%2BWBMXZg%3D%3D%0A&m=7acoPOm%2FtJLyjVOHYIhl6pyZ
>>WaINFLI34ulkTSLXzBQ%3D%0A&s=d5a94e6cd51962408afc744af0983500b17b22e8bb14c
>>c13180d3dff6249a57e
>> -applies
>>
>> but it would be good to make it specific as all the sandboxing
>> algorithms we reference only apply to Documents, not "headless" script
>> execution contexts.
>>
>>
>> Proposal:
>> ======================
>>
>> Note: When delivered via an HTTP header, a Content Security Policy may
>> indicate sandboxing be applied to a JavaScript execution environment
>> that is not an HTML Document. One such scenario of particular interest
>> is script content intended to be used for the creation of a Web Worker,
>> Shared Worker or Service Worker. While many of the sandboxing flags do
>> not apply to such environments, if the sandbox directive delivered with
>> the resource used to create a worker implies the <code>sandboxed scripts
>> browsing context flag</code>, or, if the sandbox directive delivered
>> with such a resource implies the <code>sandboxed origin browsing context
>> flag</code> and the creation of the new execution context requires it be
>> same-origin with its creating context, abort the processing model for
>> the creation of the new script environment with a network error.
>
>I support something along these lines. I do have a question: for Workers
>wouldn't this always imply that you can't create a Worker with a fresh
>origin? (I am happy to discuss sandboxed workers as a separate feature.)
>
>Deian

Received on Monday, 1 December 2014 22:14:17 UTC
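
The two clauses of the proposed note, worked through as an added JavaScript example that is not part of the thread and not spec text. The function names are hypothetical, the header values are constructed, and combining several policies by unioning their sandbox flags is an assumption of the example.

```javascript
// Added illustration; names are hypothetical and this is not spec text.

// Tokens of the first `sandbox` directive in one policy, or null if absent.
function sandboxTokens(policy) {
  for (const directive of policy.split(";")) {
    const [name, ...tokens] = directive.trim().split(/\s+/);
    if (name.toLowerCase() === "sandbox") {
      return tokens.map((t) => t.toLowerCase());
    }
  }
  return null;
}

// Sandboxing flags implied by the policies delivered with the worker script.
// Assumption: flags from several policies are unioned (most restrictive wins).
function impliedFlags(policies) {
  const flags = { scripts: false, origin: false };
  for (const policy of policies) {
    const tokens = sandboxTokens(policy);
    if (tokens === null) continue;
    // `sandbox` sets every flag that is not lifted by an allow-* token.
    if (!tokens.includes("allow-scripts")) flags.scripts = true;
    if (!tokens.includes("allow-same-origin")) flags.origin = true;
  }
  return flags;
}

// The two clauses of the proposed note, evaluated at worker creation.
function workerCreationResult(policies, requiresSameOrigin) {
  const flags = impliedFlags(policies);
  if (flags.scripts) return "network error";                      // clause 1
  if (flags.origin && requiresSameOrigin) return "network error"; // clause 2
  return "continue";
}

// Constructed header values, not taken from the thread.
const samples = [
  [["default-src 'self'"], true],
  [["sandbox"], true],
  [["sandbox allow-scripts"], true],
  [["sandbox allow-scripts"], false], // hypothetical cross-origin worker
  [["script-src 'self'; sandbox allow-scripts allow-same-origin"], true],
  [["sandbox allow-scripts allow-same-origin", "sandbox allow-scripts"], true],
];
for (const [policies, sameOrigin] of samples) {
  console.log(JSON.stringify(policies), sameOrigin, "->",
    workerCreationResult(policies, sameOrigin));
}
```

The third and fourth samples differ only in the same-origin requirement, which is the case the second clause was broken out to leave open.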