Mike Samuel wrote: > I don't understand the details of how autocomplete can be exploited. Do > you know of any documentation on this?
browser autocomplete is keyed on domain of page and name of form field. if gadget 1 and gadget 2 are inlined in a page, or served from the same iframe domain, then they'll be in the same autocomplete context, and gadget 2 can read gadget 1's autocomplete values. I think most autocomplete requires human intervention of some sort. I don't really understand all the behavior yet, but most of that seems harmless. the cases that bother me: * user might say "yes, remember name and password" for gadget 1 without realizing that the browser doesn't really know to associate the values with gadget 1 instead of gadget 2. this feels like a real issue. * filled-in values might be readable with a history attack. this seems hard to make a real exploit, this might not be a real issue. > What is the property we would want to enforce? I think I'd like to enforce autocomplete=off for all cajoled forms and cajoled form inputs. that sidesteps the problem of "what if this input changes type?" --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to http://groups.google.com/group/google-caja-discuss To unsubscribe, email [EMAIL PROTECTED] -~----------~----~----~----~------~----~------~--~---
