I asked Collin Jackson about two other browser security issues: the referer header and the possibility of malicious JavaScript in one window being able to read the URL from another window. Here are his answers.
Regards, Zooko Begin forwarded message: > From: "Collin Jackson" <[EMAIL PROTECTED]> > Date: November 8, 2008 15:32:08 PM MST > To: zooko <[EMAIL PROTECTED]> > Subject: Re: Disabling clipboard access in Internet Explorer ... > > In a related issue, can you tell me the scoop on how my users > > can most easily suppress refererer headers entirely? > > Most of the techniques involve making the request come from a non- > HTTP scheme. The browser usually won't bother to send a Referer in > this case. > > Option A: ftp scheme > > ftp://site.com/source.html > > Option B: about:blank scheme > > w = window.open(""); > w.document.write("<form ...>"); > w.document.forms[0].submit(); > > Option C: javascript: scheme > > window.location="javascript:'<script>window.location='...</script>'" > > > And in a related issue, how can we arrange it so that > > JavaScript running in one Window or tab cannot read the > > URL of another window or tab? > > Under the current browser security policy, if they're running in > the same security context, it's very hard to keep them apart. My > recommendation would be to put them in different security contexts > (scheme/host/port). I am happy to help find examples of attacks on > proposed designs that don't do this. > > Collin _______________________________________________ tahoe-dev mailing list [email protected] http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev
