Security/CSP/Confidentiality: Difference between revisions

Line 18: Line 18:
This would, in particular, be really useful in scenarios where sensitive tokens are present in the document. Currently, a successful HTML injection can possibly  exfiltrate these tokens. For example, exfiltration of a BrowserID URL to login compromises correctness, exfiltration of a unique identifier of the user compromises privacy and so on.  
This would, in particular, be really useful in scenarios where sensitive tokens are present in the document. Currently, a successful HTML injection can possibly  exfiltrate these tokens. For example, exfiltration of a BrowserID URL to login compromises correctness, exfiltration of a unique identifier of the user compromises privacy and so on.  


Another important use case is data vaults: Google Docs, Password Managers, phpMyAdmin are all examples of web applications that handle sensitive data, where content exfiltration attacks might be dangerous. An injection vulnerability in Google Docs can exfiltrate sensitive docs; a injection vulnerability in phpMyAdmin can allow exfiltrate SQL databases.  
Another important use case is data vaults: Google Docs, Password Managers, phpMyAdmin are all examples of web applications that handle sensitive data, where content exfiltration attacks might be dangerous. An injection vulnerability in Google Docs can exfiltrate sensitive docs; a injection vulnerability in phpMyAdmin can allow exfiltrate SQL databases.
 
|Feature requirements=Even if an attacker achieves code injection, she should not be able to exfiltrate <i>any</i> data to an origin other than the ones in the whiltelist, save for the non-goals listed below.
 
|Feature non-goals=Side Channels
|Feature non-goals=Side Channels


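Review bot: "whiltelist" in the added Feature requirements line is a typo for "whitelist", and the requirement itself should name which exfiltration channels it covers (script-initiated requests, resource loads, form submissions, navigations), since the only carve-out given is the "Side Channels" non-goal; as written, "any data to an origin other than the ones in the whitelist" is not testable against a concrete policy. The unchanged context in the same hunk also has "a injection vulnerability" (should be "an injection vulnerability") and "can allow exfiltrate SQL databases" (should be "can allow exfiltration of SQL databases"), which could be fixed in the same edit.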
Line 38: Line 37:
{{FeatureInfo
{{FeatureInfo
|Feature priority=Unprioritized
|Feature priority=Unprioritized
|Feature theme=Experience / Connect
|Feature roadmap=Security
|Feature roadmap=Security
}}
}}
{{FeatureTeamStatus}}
{{FeatureTeamStatus}}
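Review bot: The removed "|Feature theme=Experience / Connect" line was the only theme classification in the FeatureInfo template, which now carries only priority and roadmap; if the intent is to reclassify the feature rather than leave it un-themed, set the replacement theme value in the same edit so the template stays complete.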