Hi Boris,

Dan spoke to me earlier today about possibly preventing NAT connections when a page is loaded from a non-NAT IP. I took a look this evening. It doesn't look very hard, but the hard part was connecting up the docshell and the socket transport. You see, when a page first gets loaded, we need to immediately determine if it is from a private IP. If it is, then loading of dependent content seems safe and we will allow it. However, if this first load is from a public IP, subsequent loads for the same document are watched to ensure they are also all in the public IP space.
The way I sort of did this was to (HACK!) punch a big hole from the SocketTransport all the way to the docshell. Ugly. It is also not clear if I have the right stuff in place to also protect against XMLHttpRequests. Worse yet, this is -per- protocol. Similar plumbing would be required for FTP et al.

Two questions:

1) Should a socket know about what document it is loading? Or is there a cleaner way of doing this?

2) If we were to implement this sort of security mechanism, should we go the route of the security UI, and watch pages (and DNS resolution) externally? We would have to add a new API to the socket transport so that we would be able to get these DNS resolution notifications.

Doug
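
The rule described in this message (the first load fixes the document's address space, and a public-origin document may not pull from private space) can be sketched as follows. This is an added example, not code from the patch under discussion or from Mozilla; `Classify`, `DocumentLoadPolicy` and `AllowLoad` are hypothetical names, and it assumes POSIX `inet_pton` and that the caller passes the already-resolved address.

```cpp
#include <arpa/inet.h>
#include <cstdint>
#include <cstring>
#include <string>

enum class AddrClass { Public, Private, Invalid };

// Host-order IPv4: RFC 1918, loopback and link-local ranges.
static bool IsPrivateV4(uint32_t a) {
  return (a >> 24) == 10 || (a >> 24) == 127 ||       // 10/8, 127/8
         (a >> 20) == 0xAC1 ||                        // 172.16/12
         (a >> 16) == 0xC0A8 || (a >> 16) == 0xA9FE;  // 192.168/16, 169.254/16
}

// Classify a resolved address literal (what the socket is about to connect to).
AddrClass Classify(const std::string& text) {
  in_addr v4;
  if (inet_pton(AF_INET, text.c_str(), &v4) == 1)
    return IsPrivateV4(ntohl(v4.s_addr)) ? AddrClass::Private : AddrClass::Public;
  in6_addr v6;
  if (inet_pton(AF_INET6, text.c_str(), &v6) != 1) return AddrClass::Invalid;
  const uint8_t* b = v6.s6_addr;
  static const uint8_t kMapped[12] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xff, 0xff};
  static const uint8_t kLoopback[16] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1};
  bool priv;
  if (std::memcmp(b, kMapped, 12) == 0)  // ::ffff:a.b.c.d, judge the embedded IPv4
    priv = IsPrivateV4((uint32_t(b[12]) << 24) | (uint32_t(b[13]) << 16) |
                       (uint32_t(b[14]) << 8) | uint32_t(b[15]));
  else
    priv = std::memcmp(b, kLoopback, 16) == 0 ||      // ::1
           (b[0] & 0xfe) == 0xfc ||                   // fc00::/7 unique local
           (b[0] == 0xfe && (b[1] & 0xc0) == 0x80);   // fe80::/10 link-local
  return priv ? AddrClass::Private : AddrClass::Public;
}

// Hypothetical per-document state (one instance per top-level load).
class DocumentLoadPolicy {
 public:
  // Call with every resolved address before connecting; false means block.
  bool AllowLoad(const std::string& resolved) {
    AddrClass c = Classify(resolved);
    if (c == AddrClass::Invalid) return false;  // fail closed
    if (!mSeenFirst) {  // the first load fixes the document's address space
      mSeenFirst = true;
      mFirstPrivate = (c == AddrClass::Private);
      return true;
    }
    return mFirstPrivate || c == AddrClass::Public;
  }
 private:
  bool mSeenFirst = false;
  bool mFirstPrivate = false;
};
```

Checking the resolved address at connect time, rather than the hostname, is what lets the policy hold when a name resolves to a different address on a later lookup.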
