[Webkit-unassigned] [Bug 90618] Add folder access policy to allow local access to same folder and child folders

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Jul 10 08:55:50 PDT 2012


https://bugs.webkit.org/show_bug.cgi?id=90618
--- Comment #10 from Yong Li <yoli at rim.com>  2012-07-10 08:55:49 PST ---
(In reply to comment #9)
> > 1) This patch doesn't change the behavior of symmetric methods like equal() and isSameSchemeHostPort().
> 
> Right, but it encourages people to use canAccess in an asymmetric way, which doesn't work the way you'd expect.
> 
> > 2) The security model DOES support asymmetric access. 
> 
> No, it doesn't.  If A canAccess B, then B can hack A, which means that the relation isn't actually asymmetric.
> 
> > 2.1) when a security origin has universal access, it can access those security origins that don't have universal access. For example, it can be configured to give file URLs universal access and block HTTP URLs from accessing file URLs.
> 
> Universal access is very insecure and should never be used.  I would remove it from WebKit if I could.
> 
> > 2.2) Whitelist isn't symmetric. A security origin may be able to access another because the target is in its whitelist. It is asymmetric.
> 
> That's different because canRequest deals only with passive objects, like HTTP responses, not active objects like frames.

What if I apply this policy only to canRequest? That will at least solve some issues for sure.

> 
> We've had this discussion many times over the years.  The current policy isn't great, but it works ok.  Folk shouldn't be using file URLs anyway.  Their security model is completely broken.

This is why I'm adding this policy, to make file URLs work better. The policy doesn't affect any port/product as long as it is not turned on.

Whether we like it or not, file URLs are still widely used. Many of our layout tests are based on file URLs.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
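
A toy model of the "same folder and child folders" policy, restricted to canRequest (passive loads) as comment #10 proposes. This is an added illustration for this archive page, not WebKit's SecurityOrigin code and not the patch attached to the bug. Everything below is assumed for the model: origins are plain {scheme, host, path} objects parsed from a URL string, the policy is a boolean passed per call, paths are POSIX-style, and with the policy off the model only allows a file to load itself (ports differ here; the page does not say which behaviour a given port has). The scenario paths are constructed.

```javascript
// Toy model of a folder-scoped file-URL request policy (illustration only,
// not WebKit code). Assumed, not from the bug: origin representation, the
// policy flag, and the policy-off behaviour.

// Resolve "." and ".." first, so a prefix check on the requester's folder
// cannot be bypassed by a target such as /site/img/../index.html.
function normalizePath(path) {
  const out = [];
  for (const seg of path.split("/")) {
    if (seg === "" || seg === ".") continue;
    if (seg === "..") { out.pop(); continue; }
    out.push(seg);
  }
  return "/" + out.join("/");
}

// Folder containing a document path, always with a trailing "/".
function folderOf(path) {
  const p = normalizePath(path);
  if (path.endsWith("/")) return p === "/" ? "/" : p + "/";
  return p.slice(0, p.lastIndexOf("/") + 1);
}

// True if targetPath is inside `folder` (which ends in "/") or is the folder itself.
// The trailing "/" on `folder` is what stops /site/ from matching /siteX/.
function isInFolderOrChild(folder, targetPath) {
  const t = normalizePath(targetPath);
  return t.startsWith(folder) || t + "/" === folder;
}

// Just enough URL parsing for the model: file:///a/b.html, http://host/x.
function parseOrigin(url) {
  const m = /^(file|http|https):\/\/([^/]*)(\/.*)?$/.exec(url);
  if (!m) throw new Error("unsupported URL: " + url);
  return { scheme: m[1], host: m[2], path: m[3] || "/" };
}

// Deliberately asymmetric: a document may load files from its own folder and
// child folders, never from a parent folder. folderPolicy=false means a file
// may only load itself (assumed default for the toy model).
function canRequest(requesterUrl, targetUrl, folderPolicy) {
  const req = parseOrigin(requesterUrl);
  const target = parseOrigin(targetUrl);
  if (target.scheme !== "file") {
    // Non-local target: the toy model falls back to a same-origin check.
    return req.scheme === target.scheme && req.host === target.host;
  }
  if (req.scheme !== "file") return false; // web content never reads local files
  if (!folderPolicy) return normalizePath(req.path) === normalizePath(target.path);
  return isInFolderOrChild(folderOf(req.path), target.path);
}

// Worked scenario over a constructed tree: /home/u/site/{index.html, img/...}
function demo() {
  const parent = "file:///home/u/site/index.html";
  const childImg = "file:///home/u/site/img/logo.png";
  const childDoc = "file:///home/u/site/img/gallery.html";
  return {
    parentLoadsChild: canRequest(parent, childImg, true),
    childLoadsParent: canRequest(childDoc, parent, true),
    traversalBlocked: canRequest(childDoc, "file:///home/u/site/img/../index.html", true),
    siblingPrefixBlocked: canRequest(parent, "file:///home/u/siteX/secret.txt", true),
    ownFolderListing: canRequest(parent, "file:///home/u/site/", true),
    httpToFileBlocked: canRequest("http://example.test/page", parent, true),
    policyOffSelfOnly: canRequest(parent, parent, false),
    policyOffChildBlocked: canRequest(parent, childImg, false),
  };
}
```

The asymmetry is harmless at the canRequest layer for the reason comment #9 gives: what comes back from a request is a response, inert bytes the requester parses, so the child folder gains nothing from being loadable. The two checks a practitioner would add to any real implementation are the ones exercised above: normalize ".." before the prefix test, and compare against a folder string that ends in "/" so that /site/ does not also match /siteX/.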