W3C home > Mailing lists > Public > public-webappsec@w3.org > September 2015

Re: Secure Contexts: It's worth taking another look.

From: Anne van Kesteren <annevk@annevk.nl>
Date: Fri, 11 Sep 2015 11:45:11 +0200
Message-ID: <CADnb78id6fZrWodTAUHO638i4505YzfDDZLbQtT+q_QZ4JpcXw@mail.gmail.com>
To: Mike West <mkwst@google.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>, Boris Zbarsky <bzbarsky@mit.edu>, Yan Zhu <yzhu@yahoo-inc.com>, Bobby Holley <bholley@mozilla.com>
On Fri, Sep 11, 2015 at 7:15 AM, Mike West <mkwst@google.com> wrote:
> I've done a bit of polishing on
> https://w3c.github.io/webappsec/specs/powerfulfeatures/ over the last few
> days, and I think it's worth folks' time to take another look at the
> document. In particular, I've addressed some of Boris' concerns from way
> back in June/July (sorry it took so long!), and clarified the algorithms
> with what I hope are helpful examples.

I think in particular what we need to accept and maybe call out is
that secure contexts are not a new security primitive. It's basically
a check to see if the current global is secure, plus some ancestor
checks. Nothing on the origin level that accounts for two tabs, one
with insecure A -> secure B, and the other with secure C -> secure B,
that the Bs don't get the same capabilities through a shared worker or
BroadcastChannel.

Copying Bobby since he pointed out this flaw. And I think Ian Hickson did too.


-- 
https://annevankesteren.nl/
Received on Friday, 11 September 2015 09:45:37 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:15 UTC