[web-api] Limit cross-origin sharing of Wasm modules. #1352
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This was discussed, and voted on in the June 22nd meeting (notes). The suggested solution was to limit sharing modules across origins. There is some discussion in the linked issue #1303, but it doesn't look like the HTML spec has a way to enforce an origin check in the serialization infrastructure.
This PR aims to store the origin as well as the agent cluster, and throw if there has been an attempt to post message across origin, the text right doesn't handle opaque origins as they are
null
when serialized. Another option is to be vague and include a same-origin check, but digging into it more, it's not clear how this would be implemented. Opening this PR to gather feedback, I'm also quite unfamiliar with the HTML spec, so links to existing infrastructure to do this correctly appreciated.Closes #1303.