Re: [whatwg] Location object identity and navigation behavior

On Mon, Jan 7, 2013 at 8:05 PM, Ian Hickson <ian@hixie.ch> wrote:

> On Mon, 7 Jan 2013, Bobby Holley wrote:
> >
> > Aside from concerns about stack introspection, the main downside of this
> > approach is that it's a blacklist, rather than a whitelist (like our
> > other security code), so we'll have to be extra careful when
> > implementing anything new on Location. Please keep that in mind when
> > updating the spec. ;-)
>
> Can you elaborate on what is a blacklist?
>

In the sense that we have to implement it as explicit per-method checks in
C++. Our regular security model is an object-capability system enforced
with wrappers across scope boundaries (using a whitelist), which, as
previously discussed, doesn't jive with the current spec for Location. So
if something new is ever added to nsLocation, we're going to need to
remember to add a security check.

bholley

Received on Tuesday, 8 January 2013 07:18:21 UTC