- From: Hallvord R M Steen <hallvors@gmail.com>
- Date: Mon, 29 Sep 2008 14:54:45 +0200
2008/9/29 Michal Zalewski <lcamtuf at dione.cc>: > I definitely like the "Origin" proposal the most of all the opt-in schemes, > simply because it permits trusted domains to be whitelisted for many > applications that rely on same-origin separation to implement security > sandboxes. > > It still completely ignores the question of how we protect gadgets / mashups > / whatever that are *designed* to be embedded on potentially untrusted > sites, but depend on having the integrity of their UIs preserved After giving this quite some thought over the weekend, my conclusion is that this basically isn't doable - simply because it is a UI issue, UI is all about communicating to end users and the likelyhood of finding a solution that communicates the complexity of this in a way users will understand is practcally 0. The idea I liked most was a sort of "automatically raise IFRAMEs to topmost z-index when focused" combined with some way to temporarily flash the address - but IMO it's not doable because we'll mess up the UI of existing solutions in unexpected ways, and users don't understand URLs and have a quite fuzzy understanding of the basic "different site" concept. I know where you are coming from and hope a UI genius proves me wrong. :) -- Hallvord R. M. Steen
Received on Monday, 29 September 2008 05:54:45 UTC