Robert Sayre wrote: > <livejournal-comment> > do whatever in here, the browser will elide the dangerous stuff > as the content sink receives it... > </livejournal-comment>
This has been proposed several times in the past. Usually, the idea founders on either the definition of "dangerous stuff", the difficulty of making sure the content doesn't close the livejournal-comment tag, or the difficulty of making sure the content inside doesn't affect the content outside (e.g. by overlaying it using CSS absolute positioning). Gerv _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
