Re: Secure Contexts: It's worth taking another look.

On Fri, Sep 11, 2015 at 7:15 AM, Mike West <mkwst@google.com> wrote:
> I've done a bit of polishing on
> https://w3c.github.io/webappsec/specs/powerfulfeatures/ over the last few
> days, and I think it's worth folks' time to take another look at the
> document. In particular, I've addressed some of Boris' concerns from way
> back in June/July (sorry it took so long!), and clarified the algorithms
> with what I hope are helpful examples.

I think in particular what we need to accept and maybe call out is
that secure contexts are not a new security primitive. It's basically
a check to see if the current global is secure, plus some ancestor
checks. Nothing on the origin level that accounts for two tabs, one
with insecure A -> secure B, and the other with secure C -> secure B,
that the Bs don't get the same capabilities through a shared worker or
BroadcastChannel.

Copying Bobby since he pointed out this flaw. And I think Ian Hickson did too.


-- 
https://annevankesteren.nl/

Received on Friday, 11 September 2015 09:45:37 UTC