- From: Jim Ley <jim@jibbering.com>
- Date: Thu, 4 Nov 2004 22:52:31 -0000
- To: "Boris Zbarsky" <bzbarsky@MIT.EDU>
- Cc: <www-svg@w3.org>
"Boris Zbarsky" <bzbarsky@MIT.EDU> > Jim Ley wrote: >> You always have to block random hosts - Mozilla is currently the only >> browser to provide by default (and last I looked non-disablable) access >> to non-originating hosts via javascript http requests. > > That really needs to be disabled, as it happens I agree, but Mozilla developers (and presumably their users) do not. > 1) Cross-site socket access will need to be disallowed for security > reasons Of course. > 2) Access to non-HTTP ports may well need to be disallowed for security > reasons. I don't understand this recommendation, either you only allow back to the _SAME_ port, which is pointless, as you say that would need to talk HTTP (or have some odd server on the other end that can talk HTTP and other protocols, almost certainly too rare a beast to be realistic, and complicated by proxies) or there's little reason to not allow talk back to any port. This is what Flash and Java applets have provided for sometime, without any problem I can find with using these functionalities as a vector to attack machines. > 3) If we limit ourselves to accesing HTTP servers, an API that doesn't > force consumers to implement all of HTTP is preferable. Even if you limit yourself to HTTP ports, you don't limit yourself to HTTP servers. The main use case sockets exist is for time sensitive server push - stock tickers, chat, mail announcements etc. HTTP is not appropriate for this, and the solutions we have today layered on top of HTTP are really inadequate. > Which of these statements do you disagree with? So I disagree with 2 and 3, both seperately and together. Jim.
Received on Thursday, 4 November 2004 22:53:03 UTC