Skip to content

Commit

Permalink
[giow] (0) Prevent seamless='' from being used in iframes embedded in…
Browse files Browse the repository at this point in the history
… sandboxed iframes.

git-svn-id: http://svn.whatwg.org/webapps@4407 340c8d12-0b0e-0410-8428-c7bf67bfef74
  • Loading branch information
Hixie committed Dec 6, 2009
1 parent 16de45d commit 3a6cfaf
Show file tree
Hide file tree
Showing 3 changed files with 87 additions and 22 deletions.
37 changes: 29 additions & 8 deletions complete.html
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,7 @@

<header class=head><p><a class=logo href=http://www.whatwg.org/ rel=home><img alt=WHATWG src=/images/logo></a></p>
<hgroup><h1>Web Applications 1.0</h1>
<h2 class="no-num no-toc">Draft Standard &mdash; 4 December 2009</h2>
<h2 class="no-num no-toc">Draft Standard &mdash; 6 December 2009</h2>
</hgroup><p>You can take part in this work. <a href=http://www.whatwg.org/mailing-list>Join the working group's discussion list.</a></p>
<p><strong>Web designers!</strong> We have a <a href=http://blog.whatwg.org/faq/>FAQ</a>, a <a href=http://forums.whatwg.org/>forum</a>, and a <a href=http://www.whatwg.org/mailing-list#help>help mailing list</a> for you!</p>
<!--<p class="impl"><strong>Implementors!</strong> We have a <a href="http://www.whatwg.org/mailing-list#implementors">mailing list</a> for you too!</p>-->
Expand Down Expand Up @@ -20404,6 +20404,23 @@ <h4 id=the-iframe-element><span class=secno>4.8.3 </span>The <dfn><code>iframe</
</dd>


<dt>The <dfn id=sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</dfn></dt>

<dd>

<p>This flag prevents content from using the <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code> attribute on
descendant <code><a href=#the-iframe-element>iframe</a></code> elements.</p>

<p class=note>This prevents a page inserted using the <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>
keyword from using a CSS-selector-based method of probing the DOM
of other pages on the same site (in particular, pages that contain
user-sensitive information).</p>

<!-- http://lists.w3.org/Archives/Public/public-web-security/2009Dec/thread.html#msg51 -->

</dd>


<dt>The <dfn id=sandboxed-origin-browsing-context-flag>sandboxed origin browsing context flag</dfn>, unless
the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute's
value, when <a href=#split-a-string-on-spaces title="split a string on spaces">split on
Expand Down Expand Up @@ -20526,13 +20543,16 @@ <h4 id=the-iframe-element><span class=secno>4.8.3 </span>The <dfn><code>iframe</
context</a> is to be rendered in a manner that makes it appear to
be part of the containing document (seamlessly included in the
parent document). <span class=impl>Specifically, when the
attribute is set on an element and while the <a href=#browsing-context>browsing
context</a>'s <a href=#active-document>active document</a> has the <a href=#same-origin>same
origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's document, or the
<a href=#browsing-context>browsing context</a>'s <a href=#active-document>active document</a>'s
<em><a href="#the-document's-address" title="the document's address">address</a></em> has the
<a href=#same-origin>same origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's
document, the following requirements apply:</span></p>
attribute is set on an <code><a href=#the-iframe-element>iframe</a></code> element whose owner
<code>Document</code>'s <a href=#browsing-context>browsing context</a> does not have
the <a href=#sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</a> set and while
either the <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
document</a> has the <a href=#same-origin>same origin</a> as the
<code><a href=#the-iframe-element>iframe</a></code> element's document, or the <a href=#browsing-context>browsing
context</a>'s <a href=#active-document>active document</a>'s <em><a href="#the-document's-address" title="the
document's address">address</a></em> has the <a href=#same-origin>same
origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's document, the
following requirements apply:</span></p>

<div class=impl>

Expand Down Expand Up @@ -86512,6 +86532,7 @@ <h3 class="no-num">Reflecting IDL attributes</h3>
Drew Wilson,
Edmund Lai,
Eduard Pascual,
Eduardo Vela,
Edward O'Connor,
Edward Welbourne,
Edward Z. Yang,
Expand Down
35 changes: 28 additions & 7 deletions index
Original file line number Diff line number Diff line change
Expand Up @@ -20242,6 +20242,23 @@ href="?audio"&gt;audio&lt;/a&gt; test instead.)&lt;/p&gt;</pre>
</dd>


<dt>The <dfn id=sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</dfn></dt>

<dd>

<p>This flag prevents content from using the <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code> attribute on
descendant <code><a href=#the-iframe-element>iframe</a></code> elements.</p>

<p class=note>This prevents a page inserted using the <code title=attr-iframe-sandbox-allow-same-origin><a href=#attr-iframe-sandbox-allow-same-origin>allow-same-origin</a></code>
keyword from using a CSS-selector-based method of probing the DOM
of other pages on the same site (in particular, pages that contain
user-sensitive information).</p>

<!-- http://lists.w3.org/Archives/Public/public-web-security/2009Dec/thread.html#msg51 -->

</dd>


<dt>The <dfn id=sandboxed-origin-browsing-context-flag>sandboxed origin browsing context flag</dfn>, unless
the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute's
value, when <a href=#split-a-string-on-spaces title="split a string on spaces">split on
Expand Down Expand Up @@ -20364,13 +20381,16 @@ href="?audio"&gt;audio&lt;/a&gt; test instead.)&lt;/p&gt;</pre>
context</a> is to be rendered in a manner that makes it appear to
be part of the containing document (seamlessly included in the
parent document). <span class=impl>Specifically, when the
attribute is set on an element and while the <a href=#browsing-context>browsing
context</a>'s <a href=#active-document>active document</a> has the <a href=#same-origin>same
origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's document, or the
<a href=#browsing-context>browsing context</a>'s <a href=#active-document>active document</a>'s
<em><a href="#the-document's-address" title="the document's address">address</a></em> has the
<a href=#same-origin>same origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's
document, the following requirements apply:</span></p>
attribute is set on an <code><a href=#the-iframe-element>iframe</a></code> element whose owner
<code>Document</code>'s <a href=#browsing-context>browsing context</a> does not have
the <a href=#sandboxed-seamless-iframes-flag>sandboxed seamless iframes flag</a> set and while
either the <a href=#browsing-context>browsing context</a>'s <a href=#active-document>active
document</a> has the <a href=#same-origin>same origin</a> as the
<code><a href=#the-iframe-element>iframe</a></code> element's document, or the <a href=#browsing-context>browsing
context</a>'s <a href=#active-document>active document</a>'s <em><a href="#the-document's-address" title="the
document's address">address</a></em> has the <a href=#same-origin>same
origin</a> as the <code><a href=#the-iframe-element>iframe</a></code> element's document, the
following requirements apply:</span></p>

<div class=impl>

Expand Down Expand Up @@ -78294,6 +78314,7 @@ interface <a href=#htmldocument>HTMLDocument</a> {
Drew Wilson,
Edmund Lai,
Eduard Pascual,
Eduardo Vela,
Edward O'Connor,
Edward Welbourne,
Edward Z. Yang,
Expand Down
37 changes: 30 additions & 7 deletions source
Original file line number Diff line number Diff line change
Expand Up @@ -21688,6 +21688,25 @@ href="?audio">audio&lt;/a> test instead.)&lt;/p></pre>
</dd>


<dt>The <dfn>sandboxed seamless iframes flag</dfn></dt>

<dd>

<p>This flag prevents content from using the <code
title="attr-iframe-seamless">seamless</code> attribute on
descendant <code>iframe</code> elements.</p>

<p class="note">This prevents a page inserted using the <code
title="attr-iframe-sandbox-allow-same-origin">allow-same-origin</code>
keyword from using a CSS-selector-based method of probing the DOM
of other pages on the same site (in particular, pages that contain
user-sensitive information).</p>

<!-- http://lists.w3.org/Archives/Public/public-web-security/2009Dec/thread.html#msg51 -->

</dd>


<dt>The <dfn>sandboxed origin browsing context flag</dfn>, unless
the <code title="attr-iframe-sandbox">sandbox</code> attribute's
value, when <span title="split a string on spaces">split on
Expand Down Expand Up @@ -21826,13 +21845,16 @@ href="?audio">audio&lt;/a> test instead.)&lt;/p></pre>
context</span> is to be rendered in a manner that makes it appear to
be part of the containing document (seamlessly included in the
parent document). <span class="impl">Specifically, when the
attribute is set on an element and while the <span>browsing
context</span>'s <span>active document</span> has the <span>same
origin</span> as the <code>iframe</code> element's document, or the
<span>browsing context</span>'s <span>active document</span>'s
<em><span title="the document's address">address</span></em> has the
<span>same origin</span> as the <code>iframe</code> element's
document, the following requirements apply:</span></p>
attribute is set on an <code>iframe</code> element whose owner
<code>Document</code>'s <span>browsing context</span> does not have
the <span>sandboxed seamless iframes flag</span> set and while
either the <span>browsing context</span>'s <span>active
document</span> has the <span>same origin</span> as the
<code>iframe</code> element's document, or the <span>browsing
context</span>'s <span>active document</span>'s <em><span title="the
document's address">address</span></em> has the <span>same
origin</span> as the <code>iframe</code> element's document, the
following requirements apply:</span></p>

<div class="impl">

Expand Down Expand Up @@ -96776,6 +96798,7 @@ interface <span>HTMLDocument</span> {
Drew Wilson,
Edmund Lai,
Eduard Pascual,
Eduardo Vela,
Edward O'Connor,
Edward Welbourne,
Edward Z. Yang,
Expand Down

0 comments on commit 3a6cfaf

Please sign in to comment.