[Bug 14329] New: I believe the possible DoS attack "message flooding" should be addressed i.e. a rogue domain uses "postMessage" to crash an implementation, crash another window etc. Jean-Lou Dupont [email protected]

bugzilla Wed, 28 Sep 2011 11:23:13 -0700

http://www.w3.org/Bugs/Public/show_bug.cgi?id=14329


           Summary: I believe the possible DoS attack "message flooding"
                    should be addressed i.e. a rogue domain uses
                    "postMessage" to crash an implementation, crash
                    another window etc. Jean-Lou Dupont [email protected]
           Product: WebAppsWG
           Version: unspecified
          Platform: Other
               URL: http://www.whatwg.org/specs/web-apps/current-work/#top
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P3
         Component: Web Messaging (editor: Ian Hickson)
        AssignedTo: [email protected]
        ReportedBy: [email protected]
         QAContact: [email protected]
                CC: [email protected], [email protected]


Specification: http://dev.w3.org/html5/postmsg/
Multipage: http://www.whatwg.org/C#top
Complete: http://www.whatwg.org/c#top

Comment:
I believe the possible DoS attack "message flooding" should be addressed i.e.
a rogue domain uses "postMessage" to crash an implementation, crash another
window etc.

Jean-Lou Dupont
[email protected]

Posted from: 173.178.98.120
User agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko)
Chrome/15.0.874.21 Safari/535.2

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug 14329] New: I believe the possible DoS attack "message flooding" should be addressed i.e. a rogue domain uses "postMessage" to crash an implementation, crash another window etc. Jean-Lou Dupont [email protected]

Reply via email to