[Webkit-unassigned] [Bug 15936] Overly permissive frame navigation allows password theft
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Nov 27 00:11:59 PST 2007
http://bugs.webkit.org/show_bug.cgi?id=15936
------- Comment #3 from hk9565 at gmail.com 2007-11-27 00:11 PDT -------
Thanks for addressing this quickly. According to the comments in your patch,
you implemented the following frame navigation policy:
The navigation change is safe if the active frame is:
- in the same security domain (satisfies same-origin policy)
- the opener frame
- an ancestor or a descendant in frame tree hierarchy
I'm curious why you decided on this policy. It doesn't match Firefox or
Internet Explorer 7. For example, the "Navigate middle frame" link at
<http://xenon.stanford.edu/~abarth/research/nav/frame1.html> is forbidden by
IE7 but allowed by this policy.
If we can reach a consensus frame navigation policy among the major browsers,
then we can standardize the behavior as part of HTML5 and the web at large will
benefit.
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list