- From: Bjoern Hoehrmann <derhoermi@gmx.net>
- Date: Fri, 12 Jan 2007 18:12:53 +0100
* James M Snell wrote:
>Whatever shape the mechanism ultimately takes, having a way of isolating
>scripts within a document would be extremely beneficial.

It would be helpful if you could first explain what pain you are trying to solve and how your solution would solve it. For example, a malicious script could create a new layer in the sandbox and position it so that it is rendered on top of the rest of the document. Why wouldn't that be a problem? Or, since the script in the sandbox apparently can execute all other author-defined functions, what if the author of the host page includes some scripting library that, say, provides indirect access to document.cookie; a malicious script could then easily steal the cookie.

You naturally also cannot use <script> for the untrusted script as down-level clients would ignore the <sandbox> and execute the script as fully trusted one.

I would say that including untrusted scripts in any way into the context of your documents is a very bad idea no matter how you try to restrict it. If you want your scripts and untrusted scripts to communicate, that's best done through exchanging data instead of any kind of execution sandbox.

--
Björn Höhrmann · mailto:bjoern at hoehrmann.de · http://bjoern.hoehrmann.de
Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
Received on Friday, 12 January 2007 09:12:53 UTC
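
The data-exchange approach recommended in the message above, as an added example that is not part of the original post: the host page parses whatever the untrusted script sends as JSON and accepts only allowlisted message types with validated fields. The origin, the message shapes and the function names are assumptions made for this illustration.

```javascript
// Added illustration: the host treats input from the untrusted script as data only.
// ALLOWED_ORIGIN, the message types and handleUntrustedMessage are hypothetical names.
const ALLOWED_ORIGIN = "https://widget.example";

// Each permitted message type maps to a validator that returns a clean copy
// of the expected fields, so unexpected extra properties never reach the host.
const VALIDATORS = {
  setTitle: (m) =>
    typeof m.title === "string" && m.title.length <= 80 ? { title: m.title } : null,
  resize: (m) =>
    Number.isInteger(m.height) && m.height >= 0 && m.height <= 600
      ? { height: m.height }
      : null,
};

function handleUntrustedMessage(origin, raw) {
  if (origin !== ALLOWED_ORIGIN) return { ok: false, reason: "origin" };
  if (typeof raw !== "string" || raw.length > 1024) return { ok: false, reason: "size" };
  let msg;
  try {
    msg = JSON.parse(raw); // parsed as data; never passed to eval() or new Function()
  } catch {
    return { ok: false, reason: "json" };
  }
  if (msg === null || typeof msg !== "object" || Array.isArray(msg)) {
    return { ok: false, reason: "shape" };
  }
  // Own-property lookup: a type such as "constructor" must not select an inherited function.
  const known = typeof msg.type === "string" &&
    Object.prototype.hasOwnProperty.call(VALIDATORS, msg.type);
  if (!known) return { ok: false, reason: "type" };
  const fields = VALIDATORS[msg.type](msg);
  if (fields === null) return { ok: false, reason: "fields" };
  return { ok: true, type: msg.type, fields };
}

// Browser wiring (assumption: the untrusted script runs in a cross-origin frame
// and talks to the page through window.postMessage):
//   window.addEventListener("message", (e) => {
//     const r = handleUntrustedMessage(e.origin, e.data);
//     if (r.ok && r.type === "setTitle") titleNode.textContent = r.fields.title;
//   });

// Constructed sample messages.
console.log(handleUntrustedMessage(ALLOWED_ORIGIN, '{"type":"setTitle","title":"Weather"}'));
console.log(handleUntrustedMessage(ALLOWED_ORIGIN, "document.cookie"));
```

Because the host only ever reads validated fields and writes them with `textContent`, the untrusted code never gains a reference to host functions or to `document.cookie`.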