On Jan 15, 2008, at 10:01 AM, Boris Zbarsky wrote: > Doug Turner wrote: > >> 1) should a socket know about what document it is loading it? Or is >> there a cleaner way of doing this? > > What basically needs to happen is that some time after we get the IP > address > being loaded we need to still know the principal doing the load. > Whether this > happens in the socket transport or in the DNS resolver consumer (are > they the > same thing?) doesn't matter that much. > > Due to the fact that the principal is not passed through in the > Necko APIs, I > suspect that any solution we create will be per-protocol and in > particular any > extension implementing a protocol handler would reopen the hole > unless it took > special measures... It might be that we'll at least protect the > extensions that > map their protocol to HTTP; depends on how we set this up. > >> 2) if we were to implement this sort of security mechanism, should >> we go >> the route of the security UI, and watch pages (and DNS resolution) >> externally? We would have to add a new API to the socket transport so >> that we would be able to get these DNS resolution notifications. > > That would obviate the need for per-protocol things, right? The > problem then > remains one of matching up loading principal with each load. Note > that the > security UI doesn't get things all that right, in the end. :( > > -Boris > > _______________________________________________ > dev-tech-network mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-tech-network
Sounds like you are confirming what I found -- there is no easy way to go from DNS resolution in the socket transport to the "responsible" document that caused the load. Basically, what it looks like is that, DNS resolution makes a callback to the Socket Transport (onLookupComplete). At this point, we can determine if the dns recorded contained any private IPs. If it does, we want to walk back up to the "responsible" document and see where that it was also loaded from a private ip. It looks like the socket transport can talk to the http connection which may know something about the http channel which seams to know that there is a doc shell set as the interface requestor. I suppose we can add an interface to the docshell keep track of how context is loaded, but this feels extremely brittle. Doug _______________________________________________ dev-tech-network mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-network
