Giorgio Maone wrote:Still I can't understand how ABE doesn't suffice for a power user with this kind of needs.
Please name a policy which cannot currently be expressed by ABE grammar, in one or more chained rules.
I think I already explained it, but will try again. As sites/apps grow more complex (composed), they tend to require various cross site utility iframes and plugins for normal operation. So whereas you want maximum embedding blocking in general, for specific, trusted, frequently accessed sites, you need to loosen permissions for specific (types and locations) embeddings to avoid constant fiddling with temp permissions upon every visit.
ABE is not capable of loosening embedding permission, only tightening. If the default is to block everything even on trusted, which is what it should be, no abe rule can currently, AFAICT, express an exception to it. I am all for doing it in ABE, but to do it at all and in a reasonably friendly manner, you would need something like this:
Code: Select all
Accept embedding(IFRAME, FLASH) to site2
Alternatives to "origin":