Fwd: Data uri origin inheritance

On Wed, Jan 15, 2014 at 4:34 PM, Boris Zbarsky <bzbarsky@mit.edu> wrote:
> On 1/15/14 8:00 AM, João Eiras wrote:
>>
>> From what I understood, if I have some navigation action from A to B
>> with a data uri, B will inherit the origin from A
>
>
> How are you doing the navigation, exactly?
>

top.document.getElementsByTagName('iframe')[...].src="data:...";

>> Is there any
>> situation where the script would be in a different origin from A? The
>> only thing I came up with was fiddling with document.domain
>
>
> I believe that's correct for the origin bits.
>
> But note that there are things other than origin that we may want to inherit
> here.  For example, CSP settings.
>

Hum... I did not understand the answer. Again: "How can a script in B
trigger a navigation in A while having a different origin? What's the
setup between A and B?"

>
>> have A still, have a third C document in an iframe which runs in a
>> sub-domain
>> of A, assign document.domain and run a script in C which tells A to
>> navigate to the data uri.
>
>
> I think that testcase is backwards.  You want to run a script in C (whether
> triggered by A or not) and that script directly navigates B. In that
> situation B will alias the origin of C.
>

Well, that's what I said: C would tell A to navigate B (actually A is
too much there, C would navigate B).

>
>> In what other ways is this possible to test? What's the use case for
>> this?
>
>
> The use case for data: URIs aliasing origins at all?  Or for the specific
> determination of which origin to alias when you're navigated from JS and the
> callstack has stackframes from different origins?
>

The second question, please. I think the first one is pretty standard
and understood by now.

Received on Wednesday, 15 January 2014 17:19:23 UTC