[Cryptography] filtering html
James A. Donald
jamesd at echeque.com
Fri Oct 27 00:53:52 EDT 2017
The solutions proposed here in this thread are right on the money, and
software to implement them is available.
Thanks everyone.
Ann's web page displays unrestricted web content to Bob, but if Ann's
web page contains content controlled by Carol, Ann's server first
castrates Carol's content using AntiSamy
https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project before
displaying it to Bob. Which is conveniently already written, so I do
not have to write it. Runs in Javascript.
But what in fact worried me is that Bob would agree to and archive a
page containing an offer by Ann, which would retroactively change. I
wanted not only for the page to be immutable, but for the display of the
page to be immutable, and the solution to that one is PDF. Ann's server
has to convert its content to PDF, if the Bob's client is going to treat
it as a potentially binding offer.
Bob's client will display Ann's offer to Bob using the wxWidget Pdfium,
which is conveniently already written in C++
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
More information about the cryptography
mailing list