W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2018

Re: [secure-contexts] Just this source, silence network communication

From: Chris Palmer <palmer@google.com>
Date: Tue, 03 Apr 2018 17:19:46 +0000
Message-ID: <CAOuvq21A-Miy+AgRF_rN7=zpR1venYYeV88sSEog4+LxTF-sOQ@mail.gmail.com>
To: williamsharkey@gmail.com
Cc: public-webappsec@w3.org
On Tue, Apr 3, 2018 at 9:47 AM William Sharkey <williamsharkey@gmail.com>

It would be nice if html authors had a way to tell browsers that they are
> not leak info over the network for a specific page.

I've heard of this threat model before, and didn't understand it then,
either. :) If the site operator controls their site, they can simply author
their content such that it doesn't do this. Right?

It seems like a CSP header saying "default-src none" would instruct the
browser to enforce this goal. Does that work?

>    - Browser plugins should be disabled (is that even feasible?).
> The browser is the user's agent, not the site operator's agent.

Well, if that could happen, then the url bar could turn a different color
> or whatever to indicate that nothing is leaking.

The last thing we should do is to complicate security-critical UX, which
people already have a hard time understanding, for a marginal and
hard-to-prove security assertion. Sorry. :)


Received on Tuesday, 3 April 2018 17:20:52 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:55:03 UTC