Jeff Zucker edited this page Jun 2, 2024 · 1 revision

When I have a page on serverA that imports a web-component from serverB and that component accesses private data on serverC, the origin that serverC will see is serverA. The code from serverB is operating in the context of serverA so that is the origin. This means that authorization methods that use origin will be giving access to a serverB app as well as serverA apps without having explicitly given permission to serverB.

This seems like a security issue, but I don't believe it is. Instead of "web component", read the above paragraph with "JavaScript library". When we give authorization to an app, that app can import JavaScript libraries from anywhere and we are implicitly trusting them because we trust the app that imports them. It is the developer's responsibility to use a trustworthy tool chain. That is no different for web components than it is for any app.

Another reason this is less scary than it looks is that even an authorization method which depends on origins will, in the scenario above, only permit the specific serverB libraries needed by the serverA page and will not grant access to serverB apps in general.
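
The scenario above as a small model, added here as an illustration and not code from this wiki or any project it describes. The host names, the allow-list and the function names are assumptions; the browser is simulated by deriving the `Origin` header from the page URL rather than from the URL the script was loaded from.

```javascript
// Model (constructed for illustration): how a browser derives the Origin
// header and how an origin-based check on serverC evaluates it.

// Hypothetical allow-list held by serverC: only serverA has been authorized.
const TRUSTED_ORIGINS = new Set(["https://servera.example"]);

// Browser side: the Origin header comes from the document that is running
// the code, never from the URL the script or component was loaded from.
function browserRequest(pageUrl, scriptUrl, resourceUrl) {
  return {
    url: resourceUrl,
    initiatorScript: scriptUrl, // known to the browser, not sent to the server
    headers: { origin: new URL(pageUrl).origin },
  };
}

// serverC side: authorization that looks only at the Origin header.
function serverCHandle(request) {
  const origin = request.headers.origin;
  if (!origin || !TRUSTED_ORIGINS.has(origin)) {
    return { status: 403, headers: {} };
  }
  return {
    status: 200,
    headers: { "access-control-allow-origin": origin, vary: "Origin" },
  };
}

const RESOURCE = "https://serverc.example/private/data"; // constructed URL
const COMPONENT = "https://serverb.example/components/viewer.js"; // constructed URL

function runScenarios() {
  const status = (page, script) =>
    serverCHandle(browserRequest(page, script, RESOURCE)).status;
  return {
    // serverA page running its own script
    ownScript: status("https://servera.example/app.html", "https://servera.example/app.js"),
    // serverA page running the component imported from serverB
    importedComponent: status("https://servera.example/app.html", COMPONENT),
    // the same component file, running in a page served by serverB
    serverBApp: status("https://serverb.example/other.html", COMPONENT),
  };
}

console.log(runScenarios());
```

The imported component is allowed only while it runs inside the serverA page; the same file running in a serverB page presents serverB's origin and is refused.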
