- From: Adam Barth <whatwg@adambarth.com>
- Date: Fri, 12 Feb 2010 23:54:20 -0800
On Fri, Feb 12, 2010 at 11:48 PM, Michal Zalewski <lcamtuf at coredump.cx> wrote: >> Can a frame in @sandbox ever navigation the top-level frame? ?If not, >> that would make it hard to use @sandbox to contain advertisements, >> which want to navigate |top| when the user clicks on the ad. > > Ads would want to be able to do that, but user-controlled gadgets > shouldn't. I suppose the top-level page should be able to specify, and > the entire @sandbox chain would need to be traversed to make the call > (so that @sandbox included on example.com that is prohibited from > messing with the top-level frame can't just create a nested frame > without the restriction, and bypass the check). > > I assume that chain-style checking is already a part of the spec, as > we obviously don't want other restrictions to be removed in a similar > manner? Yes, the sandbox restrictions collect in subframes. Perhaps we want an "allow-frame-busting" directive? In the implementation we have an "allow-navigation" bit that covers navigation |top| as well as window.open, etc. Maybe we want a more general directive that twiddles this bit? Adam
Received on Friday, 12 February 2010 23:54:20 UTC