- From: Michael A. Peters <mpeters@domblogger.net>
- Date: Sat, 07 Mar 2015 15:40:40 -0800
- To: whatwg@lists.whatwg.org

On 03/07/2015 11:50 AM, Krzysztof Jurewicz wrote:

*snip*

> What are your thoughts about that? Are there any security considerations
> preventing the whitelist solution? Or maybe a more general one should be
> worked out?

I do not allow bitcoin: on my servers, nor anything except for http, https, or ftp. The reason is because I have no way of knowing what third party applications might have vulnerabilities (including social engineering) that could be exploited by a specially crafted URI string being fed to them. I don't even allow mailto:

I'm a big supporter of bitcoin but especially for a financial application where it can't be undone once confirmed in the blockchain, I just personally think it is too dangerous to even allow bitcoin: URIs on a web page.

I prefer the user launch the third party application and enter whatever parameters they want to enter into the client than a link that does things for them, including possibly some things they don't necessarily understand are happening. Especially crypto-currencies where even on Linux systems, the client is often not under a package management system control and may be out of date.

QR codes pose the same problem but it is more difficult to trick a user into scanning a QR code, so it is harder to get the user's client to launch via a trick.

Received on Saturday, 7 March 2015 23:41:08 UTC