
Securely allow links to open the user's browser

Open iffy opened this issue 8 years ago • 1 comments

It would be nice if LHTML documents could provide links for users to click that would open in the user's browser. PDFs allow this, for instance.

But allowing LHTML documents to open a user's browser to a particular page (initiated either by JavaScript or by user interaction) presents security problems. Consider, for instance, a malicious credit card application document that sends the user's credit card number to a server.

Our current valid use case for such linking is to send the user to a SalesForce page related to the current document.

I've considered letting the user manage an allowed list of domains/URLs that documents are allowed to link to. But ideally, security should be Grandma-simple (i.e. my Grandma should be able to make correct security choices given the information presented to her) and I'm not sure how to do that.

iffy, Jan 20 '17 18:01

This part will be useful: http://electron.atom.io/docs/api/web-view-tag/#event-new-window

iffy, Jan 24 '17 15:01
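
One way the allow-list idea from the issue could be checked before a link is handed to the user's browser, as an added example that is not LHTML's own code. The function names, the `ALLOWED_HOSTS` set and the host `example.my.salesforce.com` are hypothetical and constructed for illustration.

```javascript
// Added example: decide whether a link requested by a document may be opened
// in the user's browser. ALLOWED_HOSTS is a constructed sample allow list.
const ALLOWED_HOSTS = new Set(['example.my.salesforce.com']);

// Returns { open, reason, display }. `display` is the short string a
// confirmation prompt could show instead of the full raw URL.
function checkExternalLink(rawUrl, allowedHosts = ALLOWED_HOSTS) {
  let url;
  try {
    url = new URL(rawUrl); // absolute URLs only; relative ones throw
  } catch (err) {
    return { open: false, reason: 'unparseable', display: '' };
  }
  // https only: rejects file:, javascript:, data: and custom protocol handlers.
  if (url.protocol !== 'https:') {
    return { open: false, reason: 'scheme', display: url.protocol };
  }
  // user:pass@host can make the raw string look like it points at a trusted
  // host while the browser actually connects to whatever follows the "@".
  if (url.username !== '' || url.password !== '') {
    return { open: false, reason: 'userinfo', display: url.host };
  }
  // Exact match on the parsed host (lowercased by the URL parser, includes any
  // non-default port). Never a substring or suffix test on the raw string.
  if (!allowedHosts.has(url.host)) {
    return { open: false, reason: 'host-not-allowed', display: url.host };
  }
  // Query string and fragment are left out of the prompt text: they are where
  // a document would place data it wants to send along.
  return { open: true, reason: 'allowed', display: url.origin + url.pathname };
}

// Apply the check to a batch of links and keep only the decisions.
function classifyLinks(urls, allowedHosts = ALLOWED_HOSTS) {
  return urls.map((u) => checkExternalLink(u, allowedHosts).reason);
}

// Wiring sketch (assumption, not executed here): in the <webview> 'new-window'
// handler, call checkExternalLink(event.url) and pass the URL to
// shell.openExternal only when the result's `open` is true.
```

An allowed host still receives whatever the document puts in the query string, so the allow list limits where data can go, not what is sent.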