W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2018

[secure-contexts] Just this source, silence network communication

From: William Sharkey <williamsharkey@gmail.com>
Date: Tue, 3 Apr 2018 10:52:03 -0400
Message-ID: <CAKXezzNSCcuwa-hM760DJdB45ZMd0EkRTqCtG1rB-13=NqMKMw@mail.gmail.com>
To: public-webappsec@w3.org
Certain webpages have utilities that are supposed to be used privately and
not leak information.

For example, a bitcoin wallet generator: https://walletgenerator.net/

It would be nice if html authors had a way to tell browsers that they are
not leak info over the network for a specific page.

The idea is that the browser should fetch the source code of the webpage,
and nothing else.

   - If there are external css, js, or images to be loaded, don't load it.
   - Don't open websockets, etc.
   - Don't communicate over the network at all after loading the source
   - Don't load favicons
   - Style and JS can be embedded.
   - Images can be base64 encoded and embedded.
   - There have been mouse-over css image tricks to exfiltrate data, so
   even "benign" communication should be suspect.
   - Don't render the source code until it is fully loaded to mitigate some
   sort of timing attack on how fast the source bytes are downloaded.
   - Browser plugins should be disabled (is that even feasible?).

Well, if that could happen, then the url bar could turn a different color
or whatever to indicate that nothing is leaking.

I might even suggest that links are disabled on such a website to prevent a
user from clicking a link that might leak info calculated on that
page.Other things should be disabled like local storage and cookies. You
folks probably have a much better idea of what it would require and if it
is feasible.

Received on Tuesday, 3 April 2018 16:43:50 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:55:03 UTC