Ability to restrict domain to a directory (document.domain or http header)

RESOLVED WONTFIX

Status


Core
Security: CAPS
P2
enhancement
18 years ago
4 years ago

People

(Reporter: Mitchell Stoltz (not reading bugmail), Assigned: dveditz)

Tracking

Trunk
Future
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

Our definition of an "origin" for security purposes is scheme://host:port. A
content developer has the option of widening this definition by assigning to
document.domain. They should also be able to narrow it to a specific directory
or even a specific file within a host.

This will be useful, for example, on geocities.com, where content from the same
host actually has many different owners. Narrowing the domain would allow an
author who posts to GeoCities to prevent other GeoCities pages from accessing
the author's page.
(Reporter)

Comment 1

18 years ago
This is an enhancement. Marking Future.
Status: NEW → ASSIGNED
Target Milestone: --- → Future

Comment 2

18 years ago
Setting document.domain is great for expanding trust, but it seems to me that 
restricting access should be done by an HTTP header, which the server has more 
control over.  Wouldn't allowing document.domain to restrict access set up a 
race condition between the page's setting document.domain and the attacker's 
trying to access the page?

Interestingly, GeoCities' 404 page displays the input url without escaping it 
(http://www.cert.org/advisories/CA-2000-02.html).  I wonder if they set this up 
on purpose in order to remind paranoid users of the problem mentioned in this 
bug report.

Updated

18 years ago
QA Contact: czhang → junruh

Comment 3

18 years ago
Mass changing QA to ckritzer.
QA Contact: junruh → ckritzer

Comment 4

17 years ago
See also bug 64886.
(Reporter)

Comment 5

17 years ago
Target is now 0.9.5, Priority P2.
Priority: P3 → P2
Target Milestone: Future → mozilla0.9.5
(Reporter)

Comment 6

17 years ago
time marches on...retargeting to 0.9.6
Target Milestone: mozilla0.9.5 → mozilla0.9.6
(Reporter)

Comment 7

17 years ago
I don't think this will work as proposed, because of what Jesse mentioned, but
alternatively, it would be good if we could configure the security manager to
treat directories at a particular depth to be considered separate hosts. This
would solve the GeoCities problem. Changing summary.
Summary: Using document.domain to narrow the domain → Ability to restrict domain to a directory
Target Milestone: mozilla0.9.6 → Future
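
The scheme://host:port comparison from the report, next to the directory-depth narrowing suggested in Comment 7, as an added example that is not Gecko code and not part of any comment in this bug. `narrowedOrigin`, its `depth` parameter, and the sample URLs are assumptions made for illustration.

```javascript
// Added illustration. narrowedOrigin() and its `depth` parameter are
// hypothetical; they are not a Gecko or web-platform API.
const DEFAULT_PORTS = { 'http:': '80', 'https:': '443' };

// Origin as the report defines it: scheme://host:port. The path is ignored.
function origin(urlString) {
  const u = new URL(urlString);
  // URL drops a default port, so restore it to make :80 and "no port" equal.
  const port = u.port || DEFAULT_PORTS[u.protocol] || '';
  return `${u.protocol}//${u.hostname}:${port}`;
}

// Decode one path segment so "%61lice" and "alice" compare equal.
// Malformed escapes are kept raw rather than guessed at.
function decodeSegment(seg) {
  try { return decodeURIComponent(seg); } catch (e) { return seg; }
}

// Hypothetical narrowed origin: the origin plus the first `depth` directories.
function narrowedOrigin(urlString, depth) {
  const u = new URL(urlString); // parsing resolves "." and ".." segments
  // Drop the leading empty piece and the trailing file name (or empty piece).
  const dirs = u.pathname.split('/').slice(1, -1).map(decodeSegment);
  // Re-encode so a decoded "/" inside a segment cannot fake a directory break.
  const prefix = dirs.slice(0, depth).map(encodeURIComponent).join('/');
  return `${origin(urlString)}/${prefix}${prefix ? '/' : ''}`;
}

function sameNarrowedOrigin(a, b, depth) {
  return narrowedOrigin(a, depth) === narrowedOrigin(b, depth);
}

// Constructed sample URLs for two authors on one shared host.
const alice = 'http://www.geocities.com/alice/index.html';
const bob = 'http://www.geocities.com:80/bob/page.html';

console.log(origin(alice) === origin(bob));      // both pages share one origin
console.log(sameNarrowedOrigin(alice, bob, 1));  // separated at depth 1
console.log(narrowedOrigin('http://www.geocities.com/bob/../%61lice/x.html', 1));
```

Any path-based comparison has to run on the normalized path, as here; comparing raw strings would let `..` segments or percent-encoding make one directory look like another.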

Updated

16 years ago
Summary: Ability to restrict domain to a directory → Ability to restrict domain to a directory (document.domain or http header)

Updated

16 years ago
OS: Mac System 8.5 → All
Hardware: Macintosh → All

Updated

11 years ago
Blocks: 301375
Assignee: security-bugs → dveditz
Status: ASSIGNED → NEW
QA Contact: ckritzer → caps

Comment 8

6 years ago
Is this bug still relevant?

Comment 9

4 years ago
The idea is still relevant, but we don't need to track it in a Gecko bug. (And it should certainly not involve document.domain.)
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → WONTFIX