29100 – Current iframe sandbox does not prevent download from sandboxed child frame

This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 29100 - Current iframe sandbox does not prevent download from sandboxed child frame

Summary: Current iframe sandbox does not prevent download from sandboxed child frame

Status:	RESOLVED MOVED

Alias:	None

Product:	HTML WG
Classification:	Unclassified
Component:	CR HTML5 spec (show other bugs)
Version:	unspecified
Hardware:	PC All

Importance:	P2 major
Target Milestone:	---
Assignee:	Robin Berjon
QA Contact:	HTML WG Bugzilla archive list

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2015-08-29 10:45 UTC by s.h.h.n.j.k
Modified:	2016-04-28 16:12 UTC (History)
CC List:	2 users (show)

See Also:

Attachments
Please let me know if it does not work (535 bytes, text/html) 2015-08-29 10:45 UTC, s.h.h.n.j.k	Details

Description s.h.h.n.j.k 2015-08-29 10:45:53 UTC

Created attachment 1622 [details]
Please let me know if it does not work

Hi,

Current iframe sandbox does not prevent download from sandboxed child frame. This allows malicious ads to force download malicious files which users might think that it is served from trusted parent domain.

Comment 1 s.h.h.n.j.k 2015-08-31 09:38:28 UTC

Is there anyone looking into this?

Comment 2 Léonie Watson 2016-04-28 16:12:16 UTC

Moved to HTML on Github:
https://github.com/w3c/html/issues/301