
[whatwg] Sandboxing to accommodate user generated content.

From: Kristof Zelechovski <giecrilj@stegny.2a.pl>
Date: Wed, 18 Jun 2008 09:59:25 +0200
Message-ID: <93FC0A4E53F945F5B5D0A5753DB8372A@POCZTOWIEC>
Let's sort things out, folks.  There is nothing in the spec to prevent a
browser vendor from formatting the user's hard drive and draining her bank
account as a bonus when the page displayed contains the string "D357R0Y!N0\V!".
The spec does not tell the vendors what not to do, therefore it cannot
guarantee anything in this respect.  The spec provides a reference
implementation and it is our job not to let harmful extensions in here; what
happens in the wild is beyond our control.
IMHO,
Chris

-----Original Message-----
From: whatwg-bounces@lists.whatwg.org
[mailto:whatwg-bounces at lists.whatwg.org] On Behalf Of Mikko Rantalainen
Sent: Wednesday, June 18, 2008 9:20 AM
To: whatwg at lists.whatwg.org
Subject: Re: [whatwg] Sandboxing to accommodate user generated content.

Frode Børli wrote:
>>> I have been reading up on past discussions on sandboxing content, and
>>>
>>> My main arguments for having this feature (in one form or another) in
>>> the browser are:
>>>
>>> - It is future proof. Changes to browsers (for example adding
>>> expression support to css) will never again require old sanitizers to
>>> be updated.

Unless some braindead vendor is going to add scripting-in-sandboxing
feature which would be equally braindead to unlimited expression support
in css. You cannot be future proof unless you trust all the players
including ALL possible browser vendors.

[snip]

> This method will be safe for all browsers that have ever existed and
> that will ever exist in the future. If new features are introduced in
> some future version of CSS or HTML - the sandbox is still there and
> the applications created today do not need to have their sanitizers
> updated, ever.

That's a pretty bold claim! I guess that a similar claim could have been
said about CSS support before Microsoft added the "expression()" value
syntax.

Can *you* guarantee that a random browser vendor does not implement
anything stupid for the sandbox content in the future?

-- 
Mikko
Received on Wednesday, 18 June 2008 00:59:25 UTC
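As an added illustration of the point argued above (not code from the thread or from any browser vendor): a denylist sanitizer that only knows the dangerous CSS constructs its author had heard of when it was written, beside an allowlist sanitizer that accepts a fixed property set and value grammar and therefore refuses a vendor-specific value syntax it has never seen. The property set, value grammar and sample inputs are constructed for the example.

```python
import re

# Denylist sanitizer: rejects only constructs known at authoring time.
# Pattern list is a constructed example, not a complete or recommended list.
DENY = re.compile(r"expression\s*\(|javascript\s*:|behavior\s*:", re.I)

def denylist_ok(style: str) -> bool:
    """Accept the inline style unless a known-bad token appears."""
    return DENY.search(style) is None

# Allowlist sanitizer: names exactly what it accepts and rejects the rest,
# so a value syntax a vendor invents later is refused without an update.
ALLOWED_PROPS = {"color", "background-color", "font-weight", "text-align"}
# Constructed value grammar: hex colour, keyword, or number with unit.
VALUE = re.compile(r"^(#[0-9a-f]{3,6}|[a-z-]+|\d+(px|em|%)?)$", re.I)

def allowlist_ok(style: str) -> bool:
    """Accept the inline style only if every declaration fits the grammar."""
    for decl in filter(None, (d.strip() for d in style.split(";"))):
        if ":" not in decl:
            return False
        prop, value = (p.strip() for p in decl.split(":", 1))
        if prop.lower() not in ALLOWED_PROPS or not VALUE.match(value):
            return False
    return True

# A value syntax that did not exist when the denylist was written
# (constructed placeholder, not a real vendor feature).
FUTURE_SYNTAX = "color: -vendor-future(evil)"
```

The denylist passes `FUTURE_SYNTAX` because it matches nothing it knows, while the allowlist rejects it because it matches nothing it permits.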
