The primary use case is the same one as the web: malicious 3rd party scripts. The less plausible theory is John Resig decides to 'go rogue' and take out the internet by publishing an evil jQuery to the edge. The more realistic scenario is embedded advertising getting pwnd and now all our customers contacts, photos, videos, and who-knows-what-else gets stolen leaving you holding the bag.
The more I think about this the more I think the default should be * and the functionality should be opt in with strong language in the documentation recommending this as a part of securing the app for release. On Fri, Nov 2, 2012 at 9:23 AM, Lorin Beer <lorin.beer....@gmail.com> wrote: > > > > I am with Fil, I never use it, and the first thing I do is * it. > > > same here, and then I never think about the whitelist as a security > solution again. > > +1 for covering data sanitization and security in docs > > What use cases are we enabling by having the whitelist? > > > I'd be very interested to hear a solid use case as well. If none are > forthcoming/obvious, I think this is good justification for opening it up > as Brian suggests. > > On Fri, Nov 2, 2012 at 2:17 AM, Jesse <purplecabb...@gmail.com> wrote: > > > I am with Fil, I never use it, and the first thing I do is * it. > > > > I think it also gives developers the impression that they just load > > arbitrary untrusted content into their apps, and the whitelist will > > protect them. > > > > Untrusted content will always need to be sanitized, however, having > > the whitelist even prevents use of the InAppBrowser ( formerly > > ChildBrowser ) plugin for it's main use-case. > > If I were to make a twitter client with cordova, I would have to * the > > whitelist so I could load links without exiting, and I would still > > have to sanitize the data ... > > > > What use cases are we enabling by having the whitelist? > > > > > > > > > > > > On Fri, Nov 2, 2012 at 12:27 AM, Brian LeRoux <b...@brian.io> wrote: > > > I feel its a good feature for a release time but not so during > > development > > > time. So what ends up happening is the thing gets *, forgotten about, > and > > > negates the usefulness. > > > > > > I'm in favor of opening it up and using docs to guide how ppl should > > secure > > > their app for release/production. > > > > > > > > > On Thu, Nov 1, 2012 at 10:30 PM, Filip Maj <f...@adobe.com> wrote: > > > > > >> Personally I think the whitelist is pretty useless... > > >> > > >> On 11/1/12 7:32 PM, "Ken Wallis" <kwal...@rim.com> wrote: > > >> > > >> >Not sure why the BlackBerry version white lists everything. We don't > do > > >> >that in WebWorks ;) > > >> > > > >> > > > >> > > > >> >From: Steven Gill > > >> >To: dev@cordova.apache.org > > >> >Reply To: dev@cordova.apache.org > > >> >Re: Whitelist defaults > > >> >2012-11-01 10:30:42 PM > > >> > > > >> > > > >> > > > >> >+1 to point it out in the getting started guides. > > >> >On Nov 1, 2012 6:35 PM, "Marcel Kinard" wrote: > > >> > > > >> >> Also sounds like a good step/topic in the "getting started" guides. > > >> >> > > >> >> -- Marcel Kinard > > >> >> > > >> >> On 11/1/2012 8:36 PM, Dave Johnson wrote: > > >> >> > > >> >>> Yup agree it should whitelist nothing but it also needs to be very > > >> >>>clear > > >> >>> in > > >> >>> the log when we block a request that it's due to the whitelist. > > >> >>> > > >> >>> On Thursday, November 1, 2012, Shazron wrote: > > >> >>> > > >> >>> I concur with Kevin. It won't be much of a whitelist if no one > uses > > it > > >> >>>> -- I > > >> >>>> would argue that if you set it to "*" by default, no dev will > > >> >>>>(usually) > > >> >>>> change that, especially if they don't know there is a whitelist > in > > the > > >> >>>> first place. > > >> >>>> > > >> >>>> > > >> >>>> On Thu, Nov 1, 2012 at 4:48 PM, Kevin Hawkins < > > >> >>>> kevin.hawkins.cordova@gmail.**com > wrote: > > >> >>>> > > >> >>>> From a security perspective, I'm partial to the iOS (nothing) > > default, > > >> >>>>> recognizing of course that there are certain usability drawbacks > > to > > >> >>>>>that > > >> >>>>> approach. > > >> >>>>> > > >> >>>>> On Thu, Nov 1, 2012 at 4:34 PM, Filip Maj > > > >> >>>>> > > >> >>>> wrote: > > >> >>>> > > >> >>>>> Quick q: how come Android + BB's whitelists by default whitelist > > >> >>>>>> everything (*), but iOS does the opposite (whitelist nothing)? > > >> >>>>>> > > >> >>>>>> I'd like to see this unified across all platforms we support. > > >> >>>>>> > > >> >>>>>> > > >> >>>>>> > > >> >> > > >> > > > >> >--------------------------------------------------------------------- > > >> >This transmission (including any attachments) may contain > confidential > > >> >information, privileged material (including material protected by the > > >> >solicitor-client or other applicable privileges), or constitute > > >> >non-public information. Any use of this information by anyone other > > than > > >> >the intended recipient is prohibited. If you have received this > > >> >transmission in error, please immediately reply to the sender and > > delete > > >> >this information from your system. Use, dissemination, distribution, > or > > >> >reproduction of this transmission by unintended recipients is not > > >> >authorized and may be unlawful. > > >> > > >> > > > > > > > > -- > > @purplecabbage > > risingj.com > > >
