Replaced 'alias' with 'copy' for less ambiguity #273
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mikewest
reviewed
Nov 28, 2017
index.src.html
Outdated
| @@ -1172,11 +1172,12 @@ <h4 id="initialize-document-csp" algorithm> | |||
|
|
|||
| 1. For each |policy| in |doc|'s <a for="Document">CSP list</a>: | |||
|
|
|||
| 1. Insert an alias to |policy| in |document|'s | |||
| 1. Insert a copy of |policy| in |document|'s | |||
| Note: <a>local scheme</a> includes `about:`, and this algorithm will | ||
| therefore alias the <a>embedding document</a>'s policies for <a>an iframe | ||
| therefore copy the <a>embedding document</a>'s policies for <a>an iframe | ||
| `srcdoc` `Document`</a>. |
There was a problem hiding this comment.
I think we should spell this out in a little more detail in a security considerations section. Maybe something like:
As described in [[#link-to-this-section]], documents loaded from [=local schemes=] will be initialized with a copy of their opener's [=CSP list=]. The goal is both to ensure that a page can't bypass its policy by embedding a frame or popping up a new window containing content it entirely controls (
srcdocdocuments,blob:resources,about:blankthat can be poked at viadocument.write(), etc). For example:// TODO(andypaicu): Example goes here. ;)Note that we create a copy of the relevant policies when initializing the new document's [=CSP list=]. This means that the new document's policies are a snapshot of the relevant [=CSP list=] at its creation time. It's possible that more policies could be added to the new document after initialization: these would not be applied to the opener context. Likewise, if more policies are added to the opener context, the new document's [=CSP list=] would be unaffected.
// TODO(andypaicu): Another example!
WDYT?
index.src.html
Outdated
| @@ -1212,11 +1213,11 @@ <h4 id="initialize-global-object-csp" algorithm> | |||
|
|
|||
| 1. For each |policy| in |owner|'s <a for="global object">CSP list</a>: | |||
|
|
|||
| 1. Insert an alias to |policy| in |global|'s | |||
| 1. Insert a copy of |policy| in |global|'s | |||
index.src.html
Outdated
| @@ -1231,7 +1232,7 @@ <h4 id="initialize-global-object-csp" algorithm> | |||
|
|
|||
| 2. For each |policy| in |owner|'s <a for="global object">CSP list</a>: | |||
|
|
|||
| 1. Insert an alias to |policy| in |global|'s <a for="global object">CSP list</a>. | |||
| 1. Insert a copy of |policy| in |global|'s <a for="global object">CSP list</a>. | |||
|
This looks reasonable, thanks! |
|
(Also: I'm assuming you're going to add tests for this when you send me a patch against Chromium? :) ) |
|
Thank you @mikewest for the review. I've added a new section. |
|
Oh. Even better! Should be trivial to add tests, then. :) |
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Nov 30, 2017
When a new context is opened that inherits the CSP of the parent it should make a copy of it. If any changes are done to the parent or child CSP list they should be independant. Spec change: w3c/webappsec-csp#273 Bug: 789967 Change-Id: I27414e42f02e56d4903cf193192df9fb323093d2
|
web-platform-tests/wpt#8520 I'm also adding a test for this |
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Nov 30, 2017
When a new context is opened that inherits the CSP of the parent it should make a copy of it. If any changes are done to the parent or child CSP list they should be independant. Spec change: w3c/webappsec-csp#273 Bug: 789967 Change-Id: I27414e42f02e56d4903cf193192df9fb323093d2
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Dec 1, 2017
When a new context is opened that inherits the CSP of the parent it should make a copy of it. If any changes are done to the parent or child CSP list they should be independant. Spec change: w3c/webappsec-csp#273 Bug: 789967 Change-Id: I27414e42f02e56d4903cf193192df9fb323093d2 Reviewed-on: https://chromium-review.googlesource.com/800691 Reviewed-by: Mike West <[email protected]> Commit-Queue: Andy Paicu <[email protected]> Cr-Commit-Position: refs/heads/master@{#520910}
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Dec 1, 2017
When a new context is opened that inherits the CSP of the parent it should make a copy of it. If any changes are done to the parent or child CSP list they should be independant. Spec change: w3c/webappsec-csp#273 Bug: 789967 Change-Id: I27414e42f02e56d4903cf193192df9fb323093d2 Reviewed-on: https://chromium-review.googlesource.com/800691 Reviewed-by: Mike West <[email protected]> Commit-Queue: Andy Paicu <[email protected]> Cr-Commit-Position: refs/heads/master@{#520910}
MXEBot
pushed a commit
to mirror/chromium
that referenced
this pull request
Dec 2, 2017
When a new context is opened that inherits the CSP of the parent it should make a copy of it. If any changes are done to the parent or child CSP list they should be independant. Spec change: w3c/webappsec-csp#273 Bug: 789967 Change-Id: I27414e42f02e56d4903cf193192df9fb323093d2 Reviewed-on: https://chromium-review.googlesource.com/800691 Reviewed-by: Mike West <[email protected]> Commit-Queue: Andy Paicu <[email protected]> Cr-Commit-Position: refs/heads/master@{#520910}
april
added a commit
to april/webappsec-csp
that referenced
this pull request
Jan 17, 2018
* 'master' of https://github.com/w3c/webappsec-csp: (209 commits) Fix a few typos (w3c#280) Introduce 'prefetch-src'. (w3c#283) Clarify navigation behavior for 'script-src'. Incorrect indentation of the navigation check algorithm. IDL amendments and small misc issues. (w3c#271) Regenerate HTMLs. Origin link. NoncedElement link. link up inline css issue (w3c#228) Replaced 'alias' with 'copy' for less ambiguity (w3c#273) Cleanup `global object` usage to make sense with `Documents` (w3c#254) Elements with duplicated attributes are not nonceable. s/not-example.com/example.org/ Linked testing policy and fixed a few links (w3c#263) Rebuild HTML. Fix linking errors to 'script-like' and 'applet'. Adds WorkletGlobalScope as a concept to CSP. (w3c#205) Slight correction of host matching description (w3c#251) Fixed ambigous grammar (w3c#250) Replace Request.type based logic with Request.destination (w3c#231) ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Preview | Diff