[whatwg] Please consider dropping the "sandbox" attribute from the <iframe> element from Tantek Çelik on 2010-08-03 (public-whatwg-archive@w3.org from August 2010)

From: Tantek Çelik <tantek@cs.stanford.edu>
Date: Tue, 3 Aug 2010 12:10:26 -0700
Message-ID: <AANLkTi=7xJBofr+8VJWN=zSnyBuv4H6G_EgkXxu6fXOj@mail.gmail.com>

On Mon, Aug 2, 2010 at 6:41 AM, Maciej Stachowiak <mjs at apple.com> wrote:
>
> On Aug 1, 2010, at 6:59 PM, Tantek ?elik wrote:
>
>> Summary: The new 'sandbox' feature on <iframe> should be considered
>> for removal. It needs a security review, it will be a lot of work to
>> implement properly, and may not actually solve the problem it is
>> intending to solve.
>>
>> More details here:
>>
>> http://wiki.whatwg.org/wiki/Iframe_Sandbox
>>
>> I encourage fellow web authors and browser implementers to add their
>> opinions/comments to that wiki page.
>
> As other have mentioned, <iframe sandbox> has been implemented in WebKit for some time. Additional points of information:
>
> 1) It's shipping in current versions of Safari and Chrome.
> 2) Security experts have reviewed it. @sandbox itself seems pretty solid, although there are possibly issues with related features such as text/html-sandboxed and @seamless.
> 3) Content has been built using it.
> 4) While it's unclear if <iframe sandbox> will work well for comments or other such cases of seamless untrusted content, it seems clearly useful for use cases like gadgets and ads.
>
> While more security review is always welcome, it seems like the basic idea is solid, and it's demonstrably implementable. The initial patch implementing it for WebKit can be seen here: <http://trac.webkit.org/changeset/51577>. This patch was 100k, but more than half of it is tests and the ChangeLog entry.


Ian, Adam, Maciej, I very much appreciate the follow-up information
you provided regarding this proposal.


I've captured it on the WHATWG wiki here:

http://wiki.whatwg.org/wiki/Iframe_Sandbox#why_sandbox_should_be_kept


The only outstanding requests I have are (on that wiki page)

1. Adam, it would be great if you could write up the "summary of all the
security discussion" - or at least provide links to some of it for
further reading.

http://wiki.whatwg.org/wiki/Iframe_Sandbox#security


2. Maciej, could you provide a few URLs to  "content [that] has been
built using it." ?

http://wiki.whatwg.org/wiki/Iframe_Sandbox#examples_in_the_wild


3. Maciej, could you provide code examples for how sandbox could be
used for the use cases you mention of gadgets and ads?

http://wiki.whatwg.org/wiki/Iframe_Sandbox#use_cases


Thanks much,

Tantek

-- 
http://tantek.com/ - I made an HTML5 tutorial! http://tantek.com/html5

Received on Tuesday, 3 August 2010 12:10:26 UTC