W3C home > Mailing lists > Public > whatwg@whatwg.org > February 2010

[whatwg] @sandbox and navigation top

From: Adam Barth <whatwg@adambarth.com>
Date: Fri, 12 Feb 2010 23:54:20 -0800
Message-ID: <7789133a1002122354o57860a40sebd46d9172ab8514@mail.gmail.com>
On Fri, Feb 12, 2010 at 11:48 PM, Michal Zalewski <lcamtuf at coredump.cx> wrote:
>> Can a frame in @sandbox ever navigation the top-level frame? ?If not,
>> that would make it hard to use @sandbox to contain advertisements,
>> which want to navigate |top| when the user clicks on the ad.
>
> Ads would want to be able to do that, but user-controlled gadgets
> shouldn't. I suppose the top-level page should be able to specify, and
> the entire @sandbox chain would need to be traversed to make the call
> (so that @sandbox included on example.com that is prohibited from
> messing with the top-level frame can't just create a nested frame
> without the restriction, and bypass the check).
>
> I assume that chain-style checking is already a part of the spec, as
> we obviously don't want other restrictions to be removed in a similar
> manner?

Yes, the sandbox restrictions collect in subframes.

Perhaps we want an "allow-frame-busting" directive?  In the
implementation we have an "allow-navigation" bit that covers
navigation |top| as well as window.open, etc.  Maybe we want a more
general directive that twiddles this bit?

Adam
Received on Friday, 12 February 2010 23:54:20 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:21 UTC