W3C home > Mailing lists > Public > whatwg@whatwg.org > March 2006

[whatwg] The problem of duplicate ID as a security issue

From: Alexey Feldgendler <alexey@feldgendler.ru>
Date: Wed, 15 Mar 2006 11:55:34 +0600
Message-ID: <op.s6fxewx11h6og4@localhost>
On Wed, 15 Mar 2006 02:42:27 +0600, Mihai Sucan <mihai.sucan at gmail.com>  
wrote:

> I've made a short "investigation" regarding how browsers behave with  
> document.getElementById('a-duplicate-ID').
>
> The page:
> http://www.robodesign.ro/_gunoaie/duplicate-ids.html
>
> Take a close look into the source (I've provided comments) to understand  
> what the "Click me" tests and what it shows. You'll see major browsers  
> I've tested behave the same: like with a queue, the last node that sets  
> the duplicate ID is also the node that's returned when you use  
> getElementById function.

Unfortunately we can't change it in a backwards-compatible way (though we  
probably can define a stricter behavior for <!DOCTYPE html> only).

Seems like sandboxes as security barriers are the only solution to the  
duplicate ID problem as a security thread -- at least the only one I can  
think of.


-- Opera M2 9.0 TP2 on Debian Linux 2.6.12-1-k7
* Origin: X-Man's Station at SW-Soft, Inc. [ICQ: 115226275]  
<alexey at feldgendler.ru>
Received on Tuesday, 14 March 2006 21:55:34 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:58:45 UTC