readium / readium-js-viewer

ReadiumJS viewer: default web app for Readium.js library
BSD 3-Clause "New" or "Revised" License

Security hole: LocalStorage settings #559

Open danielweck opened 8 years ago

danielweck commented 8 years ago

Issue raised by @derekriemer

See also https://github.com/danielweck/epub-reading-system-js-sandbox-test

I was doing some research for Benetech into how an ebook could access settings so it could do things like only show a tactile image if the user asked the book to show that component. I created a test page of a book to access local storage, and put an item into settings, so that later I could retrieve it. This was successful. I could also access the item I stored in local storage from a completely different book, which surprised me.

I did a little bit of investigation into this, which revealed that local storage is not sandboxed inside an iframe, such that the content inside an iframe can query storage from outside the iframe, but only on the same origin. Since many books that someone will be using with Readium will be on the same origin, this means that an ebook can usually query and modify Readium's settings (or anything Readium stores in local storage).

I have a modified chapter one of Accessible EPUB 3 which I modified to show you the settings of your Readium instance. Additionally, there's a button that sets Readium into night mode and increases the font size (this happens from the EPUB). The following zip archive contains the unpacked source, and the security hole can be displayed by selecting chapter 1 from the TOC. So that others don't discover this, I encrypted this zip archive.