W3C home > Mailing lists > Public > whatwg@whatwg.org > July 2013

Re: [whatwg] Feedback on Web Worker specification

From: Ian Hickson <ian@hixie.ch>
Date: Tue, 16 Jul 2013 18:12:02 +0000 (UTC)
To: Fred Andrews <fredandw@live.com>
Message-ID: <alpine.DEB.2.00.1307161810490.31051@ps20323.dreamhostps.com>
Cc: "whatwg@whatwg.org" <whatwg@whatwg.org>
On Thu, 22 Nov 2012, Fred Andrews wrote:
> > 
> > Why would the user disable JavaScript if they wanted the page to act 
> > like JavaScript was enabled?
> 
> To avoid scripts leaking private state accessible via the DOM and other 
> APIs the user could disable or restrict JS in contexts that have access 
> to the DOM or other APIs.  The 'web worker' like context would not have 
> access to the DOM or other APIs and thus not be a security risk and 
> could be allowed access to the web to forward information into the UA 
> secure context.  It is also proposed that the 'web worker' like context 
> receive defined intentional input from users.

I don't understand the security model here, or the attack vector you are 
concerned about.

Who are we trying to protect the DOM from?

How would a script running in a worker be able to cause any effect that 
the user could see, if the script cannot communicate with a script that 
does have access to the DOM?

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
Received on Tuesday, 16 July 2013 18:12:28 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 17:00:03 UTC