W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2014

Re: Origin-scoped cache/cookie/storage context

From: Anne van Kesteren <annevk@annevk.nl>
Date: Wed, 15 Jan 2014 09:23:00 +0000
Message-ID: <CADnb78gsZd6eW0YTDykN-ueXnOj0ZRADfwytxFkJo6Azb9Jt7w@mail.gmail.com>
To: Nasko Oskov <nasko@chromium.org>
Cc: Mike West <mkwst@google.com>, WebAppSec WG <public-webappsec@w3.org>, TAG <www-tag@w3.org>, Charlie Reis <creis@chromium.org>
On Tue, Jan 14, 2014 at 6:46 PM, Nasko Oskov <nasko@chromium.org> wrote:
> In a pop-up window, the navigation is actually top level. The reason for it
> not working though is that windows with synchronous scripting relationships
> must stay in the same renderer process, hence they cannot use different
> storage partitions. This causes the user to have to login in a pop-up for
> each isolated origin, which defeats the purpose of origin isolation.

Could we isolate these similar to <iframe>? Perhaps with a new API?


> While a[t] this, I should mention that we do not isolate on the basis of
> origins, rather on the concept of "site". It includes the scheme and the
> registered domain name, so relaxing origin through document.domain is not
> broken. It excludes subdomains and port numbers.

It seems that if a site opts into this better security model, we could
go and disable document.domain...


-- 
http://annevankesteren.nl/
Received on Wednesday, 15 January 2014 09:23:30 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:04 UTC