RE: ISSUE-95: bookmark API interactions

See the AddFavorite() method [1] supported by IE.


[1] "AddFavorite Method (external)"

-----Original Message-----
From: []
On Behalf Of Thomas Roessler
Sent: Wednesday, August 01, 2007 11:21 AM
To: Web Security Context Issue Tracker
Subject: Re: ISSUE-95: bookmark API interactions

On 2007-08-01 17:29:41 +0000, Web Security Context Issue Tracker

> We need to have a look at the interfaces exposed to pages in

... scripts running as part of Web content, that is.  Sorry for poor
phrasing during the call.

> order to enable bookmarking of sites: If an attacker can cause
> (through bad user interaction or otherwise) a site with a trusted
> name to be bookmarked, then that attacker has effectively laid
> the groundwork for successful bookmark-based phishing.

Thomas Roessler, W3C  <>

Received on Thursday, 2 August 2007 00:10:25 UTC