w3ctag / security-questionnaire

A security/privacy review questionnaire for W3C specs
https://w3ctag.github.io/security-questionnaire/
Creative Commons Zero v1.0 Universal

Lessons from sharing URLs #96

Closed marcoscaceres closed 3 years ago

marcoscaceres commented 4 years ago

I think we learned some good lessons from:

https://blog.redteam.pl/2020/08/stealing-local-files-using-safari-web.html

In particular, we can't assume that the OS or receiving application will safely handle random URL schemes.

For APIs that pass URLs to other apps or the OS, the questionnaire should ask what will happen if the browser passes along "file://" or other URL schemes ("data://") - and what the potential risks are when the receiving application ingests and dereferences those URLs, which can lead to information leakage, data theft, bypassing firewalls, etc.

As such, it would be good to add something to the questionnaire around URLs... URLs shouldn't be assumed to be safe strings, and a URL itself doesn't represent a final destination, because once dereferenced, a URL can redirect virtually anywhere.
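The check described in the comment above, sketched as an added example that is not part of the original thread, the questionnaire, or any spec: a scheme allowlist applied at the point where a URL leaves the browser for another app or the OS. The function name `checkOutboundUrl`, the http/https-only allowlist, and the sample inputs are assumptions made for illustration.

```javascript
// Hypothetical helper: decide whether a URL may be handed to a receiving
// application. The allowlist (http/https only) is an assumption.
const ALLOWED_SCHEMES = new Set(["http:", "https:"]);

function checkOutboundUrl(input, baseUrl) {
  let url;
  try {
    // Parse first, compare second. The URL parser resolves relative input
    // against the page, strips leading whitespace and lowercases the scheme,
    // so "FILE:" and "  file:" cannot slip past a naive string prefix test.
    url = new URL(input, baseUrl);
  } catch (e) {
    return { ok: false, reason: "unparseable" };
  }
  if (!ALLOWED_SCHEMES.has(url.protocol)) {
    return { ok: false, reason: "scheme " + url.protocol + " not allowed" };
  }
  // Passing this check says nothing about the final destination: once
  // dereferenced, the URL can still redirect anywhere, so the receiver
  // has to apply its own checks on every hop.
  return { ok: true, href: url.href };
}

// Constructed sample inputs, checked against a constructed page URL.
const BASE = "https://example.com/page";
const SAMPLES = [
  "/article?id=1",
  "https://example.org/",
  "file:///etc/passwd",
  "  FILE:///etc/passwd",
  "data:text/html,<h1>x</h1>",
  "http://[bad",
];

function auditSamples() {
  return SAMPLES.map((s) => ({ input: s, result: checkOutboundUrl(s, BASE) }));
}

for (const { input, result } of auditSamples()) {
  console.log(JSON.stringify(input), "->", result.ok ? result.href : result.reason);
}
```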

marcoscaceres commented 4 years ago

There are a bunch of really good points raised at https://github.com/w3c/web-share/issues/173 which could be captured in this doc.

hober commented 4 years ago

I've made an initial attempt at addressing this in #99. It needs work. Please review!