Oh, I see. Pardon my ignorance, but would it be possible to have a separate sandboxed process for each domain, each presumably sending back only sanitary, rendered data?
david rosen On Sep 9, 3:37 am, Darin Fisher <[EMAIL PROTECTED]> wrote: > It doesn't really address XSS attacks since IFRAMEs are loaded in the same > process as the parent. > -Darin > > On Mon, Sep 8, 2008 at 6:01 PM, david rosen <[EMAIL PROTECTED]> wrote: > > > Thwarting XSS attacks isn't something I've seen specifically mentioned > > as a benefit of chrome's sandbox-per-domain-per-tab architecture. I > > would think most xss would be prevented by this architecture, but can > > someone comment on this? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Chromium-discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/chromium-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
