[Webkit-unassigned] [Bug 73083] Fix the Frame Leak Attack
bugzilla-daemon at webkit.org
Mon Apr 2 10:21:38 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=73083
--- Comment #25 from Thomas Sepez <tsepez at chromium.org> 2012-04-02 10:21:38 PST ---
(In reply to comment #24)
> (From update of attachment 133116 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=133116&action=review
>
> > Source/WebCore/ChangeLog:4
> > + Fix the frame leak attack.
> > + https://bugs.webkit.org/show_bug.cgi?id=73083
>
> This title is too aggressive for a change log.
>
Ok, I'll make it more innocent sounding. However, the whole issue has been blogged about extensively by the bug reporter and others, so I'm not sure we're really hiding anything.
> > Source/WebCore/ChangeLog:9
> > + Block cross-origin iframe scroll to fragment behaviour to avoid leaking the
> > + presence or absence of ids on the page. FF has done this for all iframes for
> > + a year now, but our change is more sophisticated in that it only does this in
> > + the dangerous cross-orgin case.
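Review bot: "cross-orgin" in the last line of this ChangeLog entry should read "cross-origin". Consider also spelling out "FF" as "Firefox" in the second line, since the ChangeLog will be read outside the context of this bug.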
>
> What is the reason for not matching Firefox? Has there been compat fallout?
Yes, folks have been annoyed. See https://bugzilla.mozilla.org/show_bug.cgi?id=638598 . I'd like to break as few sites as possible, and avoid having to revisit this should Mozilla change their policy to exclude same-origin.