> -----Original Message----- > From: development-bounces+kai.koehne=digia....@qt-project.org > [...] > Again, only 3rd party untrusted content matters here and for that you need a > sandbox.
I'm not entirely sure '3rd party untrusted content' in the Qt process is needed for these sort of attacks. That's how I understood it so far: 1. the attack vector is web proxy poisoning. That is , all it takes is an attacker that a) can access a remote under his control through the same proxy as the target (or gets some user behin the proxy to access the remote) b) knows how the websocket request will look like c) Manages to poison the proxy to cache a poisonous answer for the request The hashing stuff etc tries to prevent b), but strong entropy is required so that the attacker can't just 'guess' future requests e.g. from monitoring previous requests. Correct me if I'm wrong, but that scheme will work independent of whether the user / app itself runs untrusted content etc. Regards Kai _______________________________________________ Development mailing list Development@qt-project.org http://lists.qt-project.org/mailman/listinfo/development
