- From: <bugzilla@jessica.w3.org>
- Date: Tue, 11 Nov 2014 13:56:49 +0000
- To: public-webappsec@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=27302
Bug ID: 27302
Summary: Define an elaboration of
#may-document-use-powerful-features that checks
ancestor browsing contexts
Product: WebAppsSec
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: Mixed Content
Assignee: mkwst@google.com
Reporter: hsivonen@hsivonen.fi
CC: public-webappsec@w3.org
https://w3c.github.io/webappsec/specs/mixedcontent/#may-document-use-powerful-features
checks ancestor browsing contexts only for srcdoc documents. This makes the
algorithm mainly useful for API that are restricted to Potentially Trusted
origins in order to protect misunderstanding Web authors from assuming things
that aren't true otherwise. That is, the algorithm is useful for informing Web
authors about Web Crypto not providing the security properties that many people
seem to think it provides on untrusted origins.
However, when the goal is to prevent a MITM from calling a privacy-sensitive
API, to account for the case where the MITM injects a https iframe into an http
victim origin such that the https iframe loads content from a MITM-controlled
domain that has a legitimate cert, there is a need for an algorithm that checks
*all* ancestors and doesn't stop climbing the browsing context chain when a
non-srcdoc document is found.
Please define such a variant of the algorithm to be referenced from EME to
resolve bug 27271.
--
You are receiving this mail because:
You are on the CC list for the bug.
Received on Tuesday, 11 November 2014 13:56:51 UTC