- From: Ian Hickson <ian@hixie.ch>
- Date: Fri, 22 Apr 2005 23:51:04 +0000 (UTC)
On Fri, 22 Apr 2005, Brad Neuberg wrote:
>
> Do you have an idea of what the threat model might be? I.e. who is
> attacking, why are they attacking, and how will they usually be
> attacking.

There are a number of attack vectors but the main ones are letting scripts access data from other hosts or from the computer itself, letting scripts affect the user's experience with the computer and the internet outside the site in question, and making it easier for sites to spoof other sites or system services in order to fraudulently obtain personal information.

So for example ways to disable the "back" button, or ways to override the user's window manager, and ways for sites to make it appear that they are other sites would be features that should never be allowed in the spec. (<script src="">, <img src="">, and window.open() are examples of features that currently exist in HTML browsers but suffer from these problems to one extent or another.)

-- 
Ian Hickson  U+1047E                             )\._.,--....,'``.    fL
http://ln.hixie.ch/  U+263A                      /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
Received on Friday, 22 April 2005 16:51:04 UTC
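The first attack vector in the message above, scripts reading data from other hosts, is decided in browsers by comparing the scheme, host and port of the page with those of the resource. The following is an added example, not part of Ian Hickson's message or of any HTML specification text: a small classifier that resolves a page's requested resources and reports which of them cross that host boundary, so a reviewer can see at a glance which foreign origins a page would reach. The page URL, the resource list and the `.test` host names are constructed sample inputs; it runs under Node.js using the standard `URL` class.

```javascript
// Added example, not part of the original message: classify the resources a
// page references as same-origin or cross-origin. Browsers compare scheme,
// host and port (the "origin") when deciding whether script on one page may
// read data served by another host. All inputs below are constructed samples.

// Origin of an absolute URL: "scheme://host[:port]". A default port (80 for
// http, 443 for https) is omitted by the URL parser, so http://a.test:80 and
// http://a.test are the same origin.
function originOf(url) {
  return new URL(url).origin;
}

// Resolve each referenced resource against the page URL (so relative paths
// work) and record whether it shares the page's origin.
function classifyRequests(pageUrl, resourceUrls) {
  const pageOrigin = originOf(pageUrl);
  return resourceUrls.map((ref) => {
    const u = new URL(ref, pageUrl);
    return { url: u.href, origin: u.origin, sameOrigin: u.origin === pageOrigin };
  });
}

// Distinct foreign origins a page would contact: the list a reviewer wants
// when asking which other hosts the page's scripts and embedded resources reach.
function foreignOrigins(pageUrl, resourceUrls) {
  const seen = new Set();
  for (const entry of classifyRequests(pageUrl, resourceUrls)) {
    if (!entry.sameOrigin) seen.add(entry.origin);
  }
  return [...seen].sort();
}

// Constructed sample: one page and the resources it references, chosen to
// cover the edge cases (relative path, explicit default port, scheme change,
// subdomain, non-default port, unrelated host).
const SAMPLE_PAGE = "http://example.test/index.html";
const SAMPLE_RESOURCES = [
  "/api/profile.json",                 // relative path: same origin
  "http://example.test:80/style.css",  // explicit default port: same origin
  "https://example.test/secure.js",    // scheme differs: cross-origin
  "http://www.example.test/logo.png",  // host differs (subdomain): cross-origin
  "http://example.test:8080/alt",      // port differs: cross-origin
  "http://other.test/tracker.js",      // different host: cross-origin
];

for (const e of classifyRequests(SAMPLE_PAGE, SAMPLE_RESOURCES)) {
  console.log(`${e.sameOrigin ? "same   " : "foreign"} ${e.url}`);
}
console.log("foreign origins:", foreignOrigins(SAMPLE_PAGE, SAMPLE_RESOURCES));
```

Note that a subdomain, a different scheme and a non-default port each count as a different host for this purpose: the check is an exact match on the serialized origin, not on the registered domain name.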