- From: Chris Palmer <palmer@google.com>
- Date: Tue, 03 Apr 2018 17:19:46 +0000
- To: williamsharkey@gmail.com
- Cc: public-webappsec@w3.org
- Message-ID: <CAOuvq21A-Miy+AgRF_rN7=zpR1venYYeV88sSEog4+LxTF-sOQ@mail.gmail.com>

On Tue, Apr 3, 2018 at 9:47 AM William Sharkey <williamsharkey@gmail.com> wrote:

> It would be nice if html authors had a way to tell browsers that they are
> not leak info over the network for a specific page.

I've heard of this threat model before, and didn't understand it then, either. :) If the site operator controls their site, they can simply author their content such that it doesn't do this. Right?

It seems like a CSP header saying "default-src none" would instruct the browser to enforce this goal. Does that work?

> - Browser plugins should be disabled (is that even feasible?).

The browser is the user's agent, not the site operator's agent.

https://www.w3.org/TR/html-design-principles/#priority-of-constituencies

> Well, if that could happen, then the url bar could turn a different color
> or whatever to indicate that nothing is leaking.

The last thing we should do is to complicate security-critical UX, which people already have a hard time understanding, for a marginal and hard-to-prove security assertion. Sorry. :)

Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Tuesday, 3 April 2018 17:20:52 UTC
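
The CSP suggestion in the message above can be checked mechanically. The following is an added example, not part of the original message: it parses a `Content-Security-Policy` value, reports which fetch directives do not resolve to `'none'`, and lists directives that never inherit from `default-src`. The function names and sample policies are constructed for illustration; note that the keyword must be written with single quotes in the header.

```javascript
// Added example: audit a CSP value for the "no network fetches" goal.
// Fetch directives that fall back to default-src when absent (CSP Level 3).
const FETCH_DIRECTIVES = ['connect-src', 'font-src', 'frame-src', 'img-src',
  'manifest-src', 'media-src', 'object-src', 'script-src', 'style-src', 'worker-src'];
// Intermediate fallbacks consulted before default-src.
const EXTRA_FALLBACK = { 'frame-src': ['child-src'], 'worker-src': ['child-src', 'script-src'] };
// Directives that never fall back to default-src and must be set explicitly.
const NO_FALLBACK = ['form-action', 'base-uri', 'frame-ancestors'];

// Split a policy string into directive name -> source list.
function parseCsp(header) {
  const policy = new Map();
  for (const part of header.split(';')) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    // Browsers ignore a repeated directive; the first occurrence wins.
    if (!policy.has(name)) policy.set(name, tokens.slice(1));
  }
  return policy;
}

// Resolve the source list that governs a fetch directive, following fallbacks.
function effectiveSources(policy, directive) {
  const chain = [directive, ...(EXTRA_FALLBACK[directive] || []), 'default-src'];
  for (const name of chain) {
    if (policy.has(name)) return policy.get(name);
  }
  return undefined; // nothing in the chain is set: the fetch is unrestricted
}

// A list blocks everything if it is empty or is exactly the quoted keyword.
function blocksAll(sources) {
  if (sources === undefined) return false;
  return sources.length === 0 ||
    (sources.length === 1 && sources[0].toLowerCase() === "'none'");
}

function auditPolicy(header) {
  const policy = parseCsp(header);
  return {
    open: FETCH_DIRECTIVES.filter(d => !blocksAll(effectiveSources(policy, d))),
    notInherited: NO_FALLBACK.filter(d => !policy.has(d)),
  };
}

// Constructed samples: quoted keyword, unquoted "none" (parsed as a host name).
console.log(auditPolicy("default-src 'none'"));
console.log(auditPolicy('default-src none'));
```

An unquoted `none` is treated as a host-source expression rather than the keyword, so the second sample reports every fetch directive as open.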