by gkya
3747 days ago
Happy we mostly agree. Should've been more elaborate, sorry. I sometimes trade off elaboration for brevity and/or laconicism, which causes misunderstandings and off-topic threads. With regards to CDNs, I guess the best option is to have a "standard library" for the web, where the browsers provide a standard selection of JavaScript libraries, jQuery, React (I really don't know what this last one is) and the like, and Bootstrap and stuff, so that these need not be downloaded, and we can be sure that our copies are mostly secure (audited, tested) and that there's no real single point of failure. There's still a who-decides problem with this approach, but at least I won't be able to steal millions of session cookies should I manage to tamper with a single JS file on some domain. Tho I'm not a security person, so it's possible that I'm telling useless crap.
One possibility would be to have everything signed and include the fingerprint with the <script> tag. That way you could safely read jquery.version.js from anywhere and be as sure it is the real thing as if you'd picked it up from jquery.com. That would in fact remove the need for a CDN - once that copy has been read from my site and verified, there would be no need to read it from your site, so every site that uses the signed version essentially becomes part of a global communal CDN. Of course then you have the hassle of certificate management (how do I trust the signature on that file?). The current infrastructure used for SSL certificates, for all its faults, would suffice, but getting library maintainers to use it might be a struggle.
On further thought: in fact a digital signature may not be needed. Just a hash (and not even a salted one) using a sufficiently provably secure function may be adequate, as already provided by many download sites for verifying the absence of transmission errors, removing the need for any signature/certificate jiggery-pokery.