Changes between Version 1 and Version 2 of Ticket #615, comment 8
- Timestamp:
- 2011-07-30T22:52:15Z (13 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #615, comment 8
v1 v2 11 11 Anyway, I '''think''' this adequately isolates the injected page. Obviously it needs extensive testing in different browsers; we're relying on the fact that, although the injected page can obtain a reference to its parent (which has an origin shared by other WUI pages) using {{{document.top}}}, the same-origin policy shouldn't allow it to arbitrarily interfere with that parent (even though it can communicate with it). So this is not an example of the "sub-origin" approaches that are criticised in the !Jackson/Barth paper. 12 12 13 {{{img}}} tags in the injected page should still work because those aren't subject to the same-origin policy. (It would be a bug if web content could read the pixels of an image, but that wouldn't be a Tahoe-specific bug.) Similarly for nested frames or iframes in the injected page (the contents of these shouldn't be accessible to the injected page because their origins won't compare equal to the {{{about:blank}}} origin).13 {{{img}}} tags in the injected page should still work because those aren't subject to the same-origin policy. (It would be a bug if web content could read the pixels of an image, but that wouldn't be a Tahoe-specific bug.) Similarly for nested frames or iframes in the injected page (the contents of these shouldn't be accessible to the injected page because their origins won't compare equal to the unique origin generated for the {{{javascript:}}} URL).