148
edits
Thirdparty: Difference between revisions
→Rationale
| Line 85: | Line 85: | ||
:''Is the assertion really correct that open redirects should be first party? Counterexamples?'' | :''Is the assertion really correct that open redirects should be first party? Counterexamples?'' | ||
:''Random thought: we could introduce the concept of ''per-tab'' sandboxes (i.e. per docshell). A toplevel redirect could switch mode from double-keying by URIs to keying by docshell. This way, the concept of first party vs. third party disappears -- all cookies for that particular tab get their own sandbox. Complicates things a bit, but might solve the problem of deciding which sandbox a redirect goes into.'' | |||
:5. Consider two cases: ad popups, and login popups. Both need to be considered as having a first party domain of window.opener. By way of example -- Facebook Connect uses a popup window for the Facebook login; this login cookie then needs to be accessible from within an iframe on the original site. Otherwise, the Facebook content will not appear, and in fact the login process will entirely fail. The only way to fix this, with the predicate that iframe is third party, is to keep the popup window within the same sandbox. Conceptually, it makes some sense that popups be considered related to window.opener. | :5. Consider two cases: ad popups, and login popups. Both need to be considered as having a first party domain of window.opener. By way of example -- Facebook Connect uses a popup window for the Facebook login; this login cookie then needs to be accessible from within an iframe on the original site. Otherwise, the Facebook content will not appear, and in fact the login process will entirely fail. The only way to fix this, with the predicate that iframe is third party, is to keep the popup window within the same sandbox. Conceptually, it makes some sense that popups be considered related to window.opener. | ||