On Wednesday, November 27, 2019 at 7:50:46 PM UTC+1, s.h...@gmail.com wrote:
> >Conversely, there would be another attack to link to
> >attacker spaces on already-trusted sites (but no top-level) >and get
> >silently access too.
> That is not silent, because user would have already granted permission to
> that origin to access in previous model.
>
>
> >Besides, if a user granted skype.com, the origin is
> >vulnerable to HTML injection, then when an attacker
> >requests a permission grant, the users may not have any
> >context for or understanding of them, that is very
> >confusing and users tend to accept that request because
> >they are under a trusted context of the top-level origin.
> So the way you are solving this problem is, instead of showing prompt with
> iframe’s origin, just delegate permission from top frame or request
> permission with the origin of top frame? How did that made the situation
> better? You are ultimately taking away origin indicator from people who
> understood what it means :(
>
> I’m really disappointed that Firefox is taking this path.
The idea to change comes from a couple of reasons. One as I mentioned, there
were attacks, deep linking to attacker spaces on already-trusted sites (not the
top), and a couple of UI issues that could be resolved by this simplification.
So sorry if it hurts your, anw, thanks for your idea, we will look into that to
see if we have any mitigation
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
