|Main Archive Page > Month Archives > webappsec archives|
On Aug 16, 2007, at 4:17 PM, Amit Klein wrote:
> Anurag Agarwal wrote:
>> I am looking to get views from people on the list about a proposed
>> security restriction in the browsers
> I hope you're aware of Gervase Markham's http://www.gerv.net/
>> *The browser should check with the webserver which domains it can
>> interact with (load files from or submit post data to, etc) for
>> that website. How the check is implemented is upto the browser.*
>> For example: If a page from mybank.com is trying to submit data to
>> attacker.com then before submitting the data, the browser should
>> check with the mybank.com if it is allowed to do so.
>> Q1. is it reasonable?
>> Q2. What are the pros and cons of this approach?
>> Q3. Would it limit some types of browser attacks (like some xss
>> vectors, etc)?
>> Q4. Would it open any new types of attack vectors?
> For one, it doesn't fully handle situations in which the XSS
> payload can write compromised data to another (publicly accessible,
> or at least attacker accessible) part of the site. For example, an
> XSS payload may take the cookie value and "store" it in another
> part of the site, such as a page to where comments can be
> submitted. The attacker then only needs to frequently poll this
> section of the site and collect the data.
According to my understanding of content restrictions, this would depend on:
of course, nothing says that a website would have such a policy or that its written well... but the spec should be able to accommodate this restriction.
Have a question? Search The Web Security Mailing List Archives: http://www.webappsec.org/lists/websecurity/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]