Re: [blink-dev] Re: Proposal: Prefer secure origins for powerful new web platform features

On Fri, Jun 27, 2014 at 4:56 PM, Michal Zalewski <lcamtuf@coredump.cx>
wrote:

> >> I think the inclusion of file:/// is somewhat problematic, since it is
> >> not implied that the content arrived over a secure channel,
> >
> > Right. "But it's here now." Perhaps we should take file: off the list,
> > perhaps we should find some way to tag files as having come from
> > secure transport, or...
>
> A special problem here is also how to scope the permission if ever
> granted by the user. A permission granted to
> file:///installed_app/bar.html probably shouldn't carry over to
> file:///some/random/downloaded/thing.html.


I believe in Chrome, at least for content settings and similar
origin-scoped permissions, file: URLs are treated as if the entire file
path is the origin, so every file's permissions are unique to it.

I haven't checked this against the code.

PK

Received on Saturday, 28 June 2014 00:04:29 UTC
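
An added example, not part of the original message and not Chrome's code: a toy permission store contrasting the scoping concern raised in the quoted text with the per-file scoping the reply describes. The function and class names are hypothetical, the two file: URLs are the ones used in the thread, and the URL parsing is Node's WHATWG `URL`.

```javascript
// Added illustration, not Chrome code. All names here are hypothetical.

// Naive scope: the WHATWG URL origin. For file: URLs Node serializes the
// opaque origin as the string "null", so every local file shares one bucket.
function naiveScope(rawUrl) {
  return new URL(rawUrl).origin;
}

// Per-file scope, modelling the behaviour the reply describes: for file:
// the whole normalized path is the scope; other schemes use the origin.
function perFileScope(rawUrl) {
  const u = new URL(rawUrl);
  if (u.protocol === 'file:') {
    return 'file://' + u.host + u.pathname; // query and fragment dropped
  }
  return u.origin;
}

class PermissionStore {
  constructor(scopeFn) {
    this.scopeFn = scopeFn;
    this.grants = new Map(); // scope -> Set of permission names
  }
  grant(rawUrl, permission) {
    const scope = this.scopeFn(rawUrl);
    if (!this.grants.has(scope)) this.grants.set(scope, new Set());
    this.grants.get(scope).add(permission);
  }
  isGranted(rawUrl, permission) {
    const set = this.grants.get(this.scopeFn(rawUrl));
    return set !== undefined && set.has(permission);
  }
}

const APP = 'file:///installed_app/bar.html';
const DOWNLOAD = 'file:///some/random/downloaded/thing.html';

function demo() {
  const naive = new PermissionStore(naiveScope);
  const scoped = new PermissionStore(perFileScope);
  naive.grant(APP, 'geolocation');
  scoped.grant(APP, 'geolocation');
  return {
    naiveLeaks: naive.isGranted(DOWNLOAD, 'geolocation'),
    scopedLeaks: scoped.isGranted(DOWNLOAD, 'geolocation'),
    sameFile: scoped.isGranted(APP + '#top', 'geolocation'),
    dotSegments: scoped.isGranted('file:///installed_app/x/../bar.html', 'geolocation'),
  };
}
```

The `dotSegments` case shows why the key must be built from the parsed path rather than the raw string: two spellings of the same file have to resolve to one scope.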