
Flying Cars and opaque FormData attributes.

Open mikewest opened this issue 11 years ago • 4 comments

From a conversation with @slightlyoff:

  1. Return an opaque FormData object instead of raw username/password.
  2. Limit submission of said FormData via connect-src (XHR) and form-action (POST).
  3. Maybe an 'unsafe' flag of some sort to return raw credentials if crazy websites want to be crazy?
  4. Maybe a no-unsafe flag of some sort to stop #3 from leaking data via XSS? (Perhaps the CSP bits from http://projects.mikewest.org/credentialmanagement/writeonly/?)

mikewest, Aug 05 '14 20:08
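The four items above sketch a credential container that page script cannot read but can still submit, with the allowed destinations gated by CSP-style `form-action` and `connect-src` source lists, plus an opt-in "unsafe" escape hatch. The following is an added toy model of that design written for this thread; it is not code from the proposal, the writeonly draft, or any browser, and every name in it (`CredentialPolicy`, `OpaqueCredential`, `submissionBody`, `unsafeRawPassword`, the `.test` origins) is a hypothetical stand-in. The policy parsing is a deliberately minimal subset of CSP source lists (`'self'` and full origins only).

```javascript
// Added illustration (hypothetical API, not the proposal's own code): a
// credential whose secret is held in a private field, never appears in
// JSON/string form, and can only be serialized for submission to a
// destination that the CSP-style policy allows for that transport.

// Minimal CSP-like source list: "'self' https://login.example.test"
function parseSourceList(value, selfOrigin) {
  return value
    .split(/\s+/)
    .filter(Boolean)
    .map((src) => (src === "'self'" ? selfOrigin : src));
}

function originOf(url) {
  return new URL(url).origin;
}

// Models items 2 and 4: per-transport destination allowlists and a
// "no-unsafe" switch that disables raw credential access entirely.
class CredentialPolicy {
  constructor({ selfOrigin, formAction = "'self'", connectSrc = "'self'", allowUnsafe = false }) {
    this.formAction = parseSourceList(formAction, selfOrigin); // form POST
    this.connectSrc = parseSourceList(connectSrc, selfOrigin); // XHR/fetch
    this.allowUnsafe = allowUnsafe;
  }
  allows(kind, destination) {
    const list = kind === "form" ? this.formAction : this.connectSrc;
    return list.includes(originOf(destination));
  }
}

// Models item 1 (opaque object) and item 3 (unsafe escape hatch).
class OpaqueCredential {
  #id;
  #password;
  #policy;
  constructor(id, password, policy) {
    this.#id = id;
    this.#password = password;
    this.#policy = policy;
  }
  get id() { return this.#id; }               // username may be shown in UI
  // No getter for #password: ordinary page script cannot read it back.
  toJSON() { return { id: this.#id }; }       // serialization never carries the secret
  toString() { return `[OpaqueCredential ${this.#id}]`; }

  // The only route for the secret onto the wire: a body bound to a destination
  // the policy permits for the given transport ("form" or "xhr").
  submissionBody(destination, kind = "xhr") {
    if (!this.#policy.allows(kind, destination)) {
      throw new Error(`policy blocks ${kind} submission to ${originOf(destination)}`);
    }
    return new URLSearchParams({ username: this.#id, password: this.#password }).toString();
  }

  // Raw access exists only when the policy explicitly opts in.
  unsafeRawPassword() {
    if (!this.#policy.allowUnsafe) throw new Error("raw credential access disabled by policy");
    return this.#password;
  }
}

// Constructed demo: form submissions may go to self or the login origin,
// XHR only to self, and raw access is off. Returns the observed outcomes.
function demo() {
  const policy = new CredentialPolicy({
    selfOrigin: "https://example.test",
    formAction: "'self' https://login.example.test",
    connectSrc: "'self'",
  });
  const cred = new OpaqueCredential("alice", "constructed-secret", policy); // constructed sample
  const outcome = (fn) => { try { fn(); return "allowed"; } catch (e) { return "blocked"; } };
  return {
    formToLogin: cred.submissionBody("https://login.example.test/session", "form").includes("password="),
    xhrToLogin: outcome(() => cred.submissionBody("https://login.example.test/session", "xhr")),
    formToThirdParty: outcome(() => cred.submissionBody("https://third-party.test/collect", "form")),
    jsonLeaksSecret: JSON.stringify(cred).includes("constructed-secret"),
    rawAccess: outcome(() => cred.unsafeRawPassword()),
  };
}

console.log(demo());
```

The point the model makes concrete is that the two CSP directives gate different transports independently: the same destination can be acceptable for a form POST yet refused for XHR, which is what keeps a script injected via XSS from quietly exfiltrating the body it cannot read.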

Started poking at the FormData bits here: https://mikewest.github.io/credentialmanagement/writeonly/#opaque-formdata

/cc @annevk

mikewest, Sep 05 '14 12:09

You might want to allow writeonly at the form-level too (or maybe at the form-level only for a start).

tobie, Sep 05 '14 12:09

@tobie: Sure, why not. I think this is @annevk's proposal in https://twitter.com/annevk/status/507838270038761472 which I misunderstood.

Note that the proposal currently proposes a CSP directive to set the flag on all input elements of a given type, which is similar.

mikewest, Sep 05 '14 12:09

Yeah, my proposal was to make it for <form> if we are not going to expose individual fields anyway.

annevk, Sep 05 '14 15:09