What I'd really like to see is some kind of iframe that pins JS/wasm code within... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		vbs_redlof 1 day ago \| parent \| context \| favorite \| on: The browser is the sandbox What I'd really like to see is some kind of iframe that pins JS/wasm code within it to a particular bundle hash and prevents modification at runtime (even from chrome extensions). Something more like a TEE inside the browser of sorts. Not sure if there is anything like this.

kinlan 1 day ago [–]

Author of the linked post here. This is actually a pretty interesting idea, I'll pass it to the team.

spankalee 1 day ago | [–]

Enabling the `integrity ` attribute on iframes would help: https://github.com/w3c/webappsec-subresource-integrity/issue...

But then you'd also want the frame content to use `integrity` on nested resoures.

CSP frame-src can help for now.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact