--- a/user-interface-safety.html Mon Nov 19 16:30:24 2012 -0800
+++ b/user-interface-safety.html Mon Mar 04 14:59:21 2013 -0800
@@ -14,10 +14,10 @@
var respecConfig = {
// specification status (e.g. WD, LCWD, NOTE, etc.). If in doubt use ED.
// Member-SUBM
- specStatus: "FPWD",
+ specStatus: "WD",
// the specification's short name, as in http://www.w3.org/TR/short-name/
- shortName: "User Interface Safety",
+ shortName: "UISecurity",
// if your specification has a subtitle that goes below the main
// formal title, define it here
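Review bot: the `// Member-SUBM` comment left above `specStatus` no longer describes the value now that the status moves to `WD`; drop it or replace it with whatever it was meant to say. The `shortName` change is the consequential one: ReSpec builds the `/TR/` URL from it (the comment two lines up says exactly that), so `UISecurity` must be the short name the FPWD was actually published under, otherwise the Latest version and Previous version links will point at a non-existent location; a WD following an FPWD also needs `previousMaturity` and `previousPublishDate` in `respecConfig`, which are not visible in this hunk, so confirm they are set.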
@@ -91,7 +91,7 @@
"CLEARCLICK" : "G. Maone <a href=\"http://noscript.net/downloads/ClearClick_WAS2012_rv2.pdf\"><cite>ClearClick: Effective Client-Side Protection Against UI Redressing Attacks</cite></a>. (Work in progress.) URL: <a href=\"http://noscript.net/downloads/ClearClick_WAS2012_rv2.pdf\">http://noscript.net/downloads/ClearClick_WAS2012_rv2.pdf</a>",
"UIREDRESS" : "M. Zalewski <a href=\"http://code.google.com/p/browsersec/wiki/Part2#Arbitrary_page_mashups_(UI_redressing)\"><cite>Browser Security Handbook, part 2</cite></a>. URL: <a href=\"http://code.google.com/p/browsersec/wiki/Part2#Arbitrary_page_mashups_(UI_redressing)\">http://code.google.com/p/browsersec/wiki/Part2#Arbitrary_page_mashups_(UI_redressing)</a>",
"FRAMEBUSTING" : "Boneh, et al. <a href=\"http://seclab.stanford.edu/websec/framebusting/\"><cite>Busting frame busting: a study of clickjacking vulnerabilities at popular sites</cite></a>. URL: <a href=\"http://seclab.stanford.edu/websec/framebusting/\">http://seclab.stanford.edu/websec/framebusting/</a>",
-"INCONTEXT" : "Lin-Shung Huang, et al. <a href=\"https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final39.pdf\"><cite>Clickjacking:Attacks and Defenses</cite></a> published in the 21st USENIX Security Symposium Proceedings. URL: <a href=\"https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final39.pdf\">https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final39.pdf</a>"
+"INCONTEXT" : "Lin-Shung Huang, et al. <a href=\"https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final39.pdf\"><cite>Clickjacking:Attacks and Defenses</cite></a> published in the 21st USENIX Security Symposium Proceedings. URL: <a href=\"https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final39.pdf\">https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final39.pdf</a>","SELECTORS4" : "Elika J. Etemad. <a href=\"http://www.w3.org/TR/2011/WD-selectors4-20110929/\"><cite>Selectors Level 4.</cite></a> 29 September 2011. W3C Working Draft. (Work in progress.) URL: <a href=\"http://www.w3.org/TR/2011/WD-selectors4-20110929/\">http://www.w3.org/TR/2011/WD-selectors4-20110929/</a>"
}
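Review bot: the new `SELECTORS4` entry is glued onto the end of the `INCONTEXT` line after the added comma, which makes the `localBiblio` object hard to read and to diff; give it its own line like the other entries. On the entry itself, it cites the 29 September 2011 Working Draft while the body text (next hunk) links `dev.w3.org/csswg/selectors4`, the editor's draft, so pick one and cite it consistently. The pre-existing `Clickjacking:Attacks` in the `INCONTEXT` title is also still missing the space after the colon.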
@@ -278,8 +278,7 @@
<p>A <dfn id=selector-string>selector string</dfn> is a list of one or more
<a href="http://dev.w3.org/csswg/selectors4/#complex">complex
- selectors</a> (<a href="#bib-SELECTORS4"
- rel=biblioentry>[SELECTORS4]<!--{{!SELECTORS4}}--></a>, section 3.1) that
+ selectors</a>(see [[SELECTORS4]], section 3.1) that
<em class=ct>may</em> be surrounded by whitespace and matches the
<code>dom_selectors_group</code> production.
</p>
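Review bot: `selectors</a>(see [[SELECTORS4]]` lost the space before the parenthesis when the explicit anchor was replaced; it should read `selectors</a> (see [[SELECTORS4]], section 3.1)`. More importantly, the removed markup carried `{{!SELECTORS4}}`, a normative citation, and the hand-written references block deleted at the end of this patch listed Selectors 4 under Normative references, whereas `[[SELECTORS4]]` without the `!` makes ReSpec file it as informative; use `[[!SELECTORS4]]` if the dependency is still meant to be normative.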
@@ -374,7 +373,6 @@
should result in the event being delivered with the <code>unsafe</code>
attribute on the <code>UIEvent</code> set to <code>true</code>
and cause a violation report to be sent.</p>
-</p>
<p>The optional directive value allow resource authors to provide <a href="#input-protection-options">options</a> for heuristic tuning
in the form of space-separated <code>option-name=option-value</code> pairs. </p>
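Review bot: removing the unmatched `</p>` is correct; while touching this paragraph, the context line `The optional directive value allow resource authors` should read `allows`.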
@@ -405,8 +403,9 @@
threshold at which the screenshot comparison procedure of the input protection
heuristic triggers a violation. A value of 0 indicates that no difference
between the two images is permitted. A value of 99 provides little to no
-practical protection. If not specified, it defaults to 0.</p>
+practical protection. If not specified, it defaults to 0.
</dd>
+</dl>
</section>
<section id="input-protection-clip">
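Review bot: dropping the `</p>` after `If not specified, it defaults to 0.` leaves the paragraph that opens this `<dd>` (above the hunk) with no explicit close, relying on `</dd>` to end it implicitly; if that `<dd>` really opens with `<p>`, keep the explicit `</p>` and only add the `</dl>`. For the added `</dl>`, confirm the options list opened at the top of the section is not already closed further up, otherwise the list now closes twice and the stray close tag will be reported by the validator.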
@@ -422,7 +421,6 @@
<p>If explicitly set as part of a policy where no <code>input-protection</code>
directive is explicitly set, the <code>input-protection-clip</code> directive
implies the <code>input-protection</code> directive as if it was set in the same policy with its default value.</p>
-</p>
<pre>
directive-name = "input-protection-clip"
@@ -521,13 +519,13 @@
following additional steps MUST be added to the algorithm defined in
Content Security Policy to <em>prepare a violation report</em>:</p>
-</p>In step 1, when preparing the JSON object <em>violation-object</em>,
+<p>In step 1, when preparing the JSON object <em>violation-object</em>,
add the following keys and values to the <dfn>csp-report</dfn>: [[!CSP]]</p>
<p>If the violation is of the <code>frame-options</code> directive, add the
following keys and values:</p>
-<ul><dl>
+<dl>
<dt>frame-options</dt>
<dd><em>No value.</em></dd>
<p class="issue">
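Review bot: replacing `<ul><dl>` with `<dl>` still leaves the `<p class="issue">` on the last line of this hunk as a direct child of the `<dl>`, which is not valid `dl` content (only `dt` and `dd` are) and is the same problem the next hunk fixes for the Pointer Events issue; since this list has the single `frame-options` entry, move the issue paragraph after the `</dl>` that follows it, or nest it inside the `<dd>`. Separately, `add the following keys and values to the <dfn>csp-report</dfn>: [[!CSP]]` puts the citation after the colon; it reads better as `to the <dfn>csp-report</dfn> [[!CSP]]:`.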
@@ -535,21 +533,23 @@
is currently allowed by the Same Origin Policy. Is there a safe way
to provide more meaningful information?
</p>
-</dl></ul>
+</dl>
<p>If the violation is of the <code>input-protection</code> directive, add
the following keys and values:</P>
-<ul><dl>
+<dl>
<dt>blocked-event-type</dt>
<dd>The <code>type</code> attribute of the <code>UIEvent</code> that was blocked by policy.</dd>
<dt>touch-event</dt>
<dd>A <dfn>boolean</dfn> indicating whether the event blocked by policy was a <dfn>Touch Event</dfn> [[TOUCH-EVENTS]].</dd>
+</dl>
<p class="issue">
Need to harmonize with the new Pointer Events WG specs.
</p>
+<dl>
<dt>client-height</dt>
<dd>The <code>document.documentElement.clientHeight</code> property
as defined in <em>TODO</em>.</dd>
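Review bot: closing the `<dl>` before the Pointer Events issue and reopening it at `client-height` splits one set of `input-protection` report keys into two rendered definition lists, even though the prose introduces them as a single list of keys; putting the `<p class="issue">` inside the `touch-event` `<dd>` keeps the markup valid without the split. Nits in the context lines: `</P>` after `the following keys and values:` is uppercase while every other close tag is lowercase, and `<dfn>boolean</dfn>` and `<dfn>Touch Event</dfn>` mark as definitions two terms this spec does not define (Touch Event is defined by [[TOUCH-EVENTS]]), so plain text or `<a>` links would be more accurate.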
@@ -564,26 +564,26 @@
<dt>blocked-event-client-y</dt>
<dd>The <code>clientY</code> attribute of the <code>UIEvent</code> that was blocked by policy, if set.</dd>
-</dl></ul>
+</dl>
<p class="issue">What standard defines these attributes?</p>
<p>If the target of an <code>UIEvent</code> which triggers an <code>input-protection</code> violation has an explictly-set <code>id</code> attribute:
-<ul><dl>
+<dl>
<dt>blocked-target-id</dt>
<dd>The <code>id</code> attribute of the DOM Element that a violating
<code>UIEvent</code> targeted.</dd>
-</dl></ul>
+</dl>
<p>Otherwise, if the target element does not have an explicit <code>id</code> attribute:
-<ul><dl>
+<dl>
<dt>blocked-target-xpath</dt>
<dd>An XPath [[!XPATH]] expression that returns the target <code>Element</code> of the <code>UIEvent</code>
that was blocked by policy. <em>TODO: describe the algorithm to do this here</em></dd>
-</dl></ul>
+</dl>
</section>
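Review bot: the `<p>` lines `If the target of an <code>UIEvent</code> ... <code>id</code> attribute:` and `Otherwise, if the target element does not have an explicit <code>id</code> attribute:` are never closed; the `<dl>` that follows each closes them implicitly, which the parser accepts but is inconsistent with the explicit `</p>` used elsewhere in this section, so add `</p>` to both while the surrounding lists are being cleaned up. Also `explictly-set` is missing an `i` (`explicitly-set`).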
@@ -881,7 +881,6 @@
enforcement of the <strong>Input Protection Heuristic</strong> if it
interferes with their chosen accessibility technologies.</p>
-</p>
</section>
</section><section>
@@ -896,41 +895,12 @@
of the Content-Security-Policy and Content-Security-Policy-Report-Only headers, so
no updates to the permanent message header field registry (see [<a
href="http://tools.ietf.org/html/rfc3864">RFC3864</a>]) are required.
-</section></section>
-
-<h2 class=no-num id=references>References</h2>
-
- <h3 class=no-num id=normative-references>Normative references</h3>
- <!--begin-normative-->
- <!-- Sorted by label -->
-
- <dl class=bibliography>
- <dt style="display: none"><!-- keeps the doc valid if the DL is empty -->
- <!---->
-
- <dt id=bib-RFC2119>[RFC2119]
+</p>
- <dd>S. Bradner. <a href="http://www.ietf.org/rfc/rfc2119.txt"><cite>Key
- words for use in RFCs to Indicate Requirement Levels.</cite></a> Internet
- RFC 2119. URL: <a
- href="http://www.ietf.org/rfc/rfc2119.txt">http://www.ietf.org/rfc/rfc2119.txt</a>
- </dd>
- <!---->
-
- <dt id=bib-SELECTORS4>[SELECTORS4]
+</section>
- <dd>Elika J. Etemad. <a
- href="http://www.w3.org/TR/2011/WD-selectors4-20110929/"><cite>Selectors
- Level 4.</cite></a> 29 September 2011. W3C Working Draft. (Work in
- progress.) URL: <a
- href="http://www.w3.org/TR/2011/WD-selectors4-20110929/">http://www.w3.org/TR/2011/WD-selectors4-20110929/</a>
- </dd>
- <!---->
-
- </dl>
- <!--end-normative-->
-
-
+<section class='appendix'>
+</section>
</body>
</html>
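Review bot: the deleted `</section></section>` closed two sections, but the replacement adds only one `</section>` after the new `</p>`, so whichever ancestor the second close tag matched (the `<section>` opened by `</section><section>` in the previous hunk, or one above it) is now closed only implicitly by `</body>`; ReSpec derives heading levels from section nesting, so check that the IANA text keeps its intended depth and that the new `<section class='appendix'>` is a sibling rather than a child of that open section. The appendix section itself is empty and has no heading, so either fill it in or drop it. Dropping the hand-maintained Normative references block is fine now that `SELECTORS4` lives in `localBiblio`, but `RFC2119` went with it; verify the generated references section still lists it.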