Let a URL contain metadata about the linked content, which the browser can use to interpret the content when fetched, and ultimately the user can use to decide whether it is safe to click on the link.
For example, the URL states (by some yet unspecified protocol) that the content will be a text file. The browser then locks itself down to permit loading only a text file, refusing to render or display an image, hypertext, etc. Users can feel confident clicking the link, knowing they will see only a text file and not, say, some unexpected or undesired image.
Another metadata type for safe content might be pure hypertext, with no active content. The browser sees that declaration in the URL, then locks itself down by turning off JavaScript interpretation when rendering that page. A user often knows in advance whether the information he or she is requesting is expected to include active content: for example, a text article is not expected to need JavaScript. This will thwart a lot of advertising added to monetize articles.
Perhaps the browser could permit a safe subset of JavaScript, for different definitions of safe. Unsafe parts of CSS, Unicode, and HTML would also need to be turned off.
This is different from the Content-Type HTTP response header, because it is given in the URL, before a fetch is even attempted. It is a way for a trustworthy site to declare its trustworthiness in advance: a game-theoretic, imperfect-information signaling mechanism.
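The following is an added example, not code from the original post, showing how a browser might act on such a declaration: read it from the link before fetching, then refuse any response whose Content-Type contradicts it. Because the post leaves the protocol unspecified, the `#safe=<kind>` fragment syntax, the kind names `text` and `static-html`, and the use of CSP strings to express the lockdown are all assumptions.

```javascript
// Assumed syntax (the post leaves the protocol unspecified): the declaration
// rides in the URL fragment, e.g. https://example.org/notes.txt#safe=text
// Kind names and the CSP strings used as "lockdown" are also assumptions.
const POLICIES = new Map([
  ["text", { accept: ["text/plain"], lockdown: "default-src 'none'; sandbox" }],
  ["static-html", { accept: ["text/html"], lockdown: "script-src 'none'; object-src 'none'" }],
]);

// Read the declaration from the link alone, before any fetch is attempted.
function declaredKind(link) {
  const fragment = new URL(link).hash.slice(1);
  return new URLSearchParams(fragment).get("safe"); // null when undeclared
}

// Decide what to do once the response's Content-Type header is known.
function decide(link, contentType) {
  const kind = declaredKind(link);
  if (kind === null) return { action: "load", lockdown: null }; // ordinary link
  // Map lookup: an unknown kind (even "constructor") never matches; fail closed.
  const policy = POLICIES.get(kind);
  if (!policy) return { action: "refuse", reason: `unknown declaration "${kind}"` };
  // Compare the media type only; parameters such as charset are ignored.
  const mediaType = (contentType || "").split(";")[0].trim().toLowerCase();
  if (!policy.accept.includes(mediaType)) {
    return { action: "refuse", reason: `declared ${kind}, got ${mediaType || "no type"}` };
  }
  return { action: "load", lockdown: policy.lockdown };
}

// Constructed sample links and response headers.
const samples = [
  ["https://example.org/notes.txt#safe=text", "text/plain; charset=utf-8"],
  ["https://example.org/notes.txt#safe=text", "image/png"],
  ["https://example.org/article#safe=static-html", "text/html"],
  ["https://example.org/page", "text/html"],
];
for (const [link, type] of samples) console.log(link, "|", type, "->", decide(link, type));
```

The declaration sits in the fragment so that it is visible in the link itself and never depends on what the server later sends.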