Skip to site navigation (Press enter)
RE: [whatwg] The
element and sandboxing ideas</span></a></span> </h1> <p class="darkgray font13"> <span class="sender pipe"><a href="/search?l=public-webapi@w3.org&q=from:%22Kristof+Zelechovski%22" rel="nofollow"><span itemprop="author" itemscope itemtype="http://schema.org/Person"><span itemprop="name">Kristof Zelechovski</span></span></a></span> <span class="date"><a href="/search?l=public-webapi@w3.org&q=date:20080522" rel="nofollow">Thu, 22 May 2008 08:25:45 -0700</a></span> </p> </div> <div itemprop="articleBody" class="msgBody"> <!--X-Body-of-Message--> <pre> Legacy browsers will use @SRC which must be filtered. They will ignore the new content (whatever the attribute name will be) altogether so it need not be filtered. Fallback @SRC can contain a URL to an error page saying "Sorry, not in your browser". Chris</pre><pre> -----Original Message----- From: [EMAIL PROTECTED] [<a rel="nofollow" href="mailto:[EMAIL">mailto:[EMAIL</a> PROTECTED] On Behalf Of Martin Atkins Sent: Thursday, May 22, 2008 2:21 PM To: Ian Hickson Cc: public-webapi@w3.org; whatwg; HTMLWG Subject: Re: [whatwg] The <iframe> element and sandboxing ideas Ian Hickson wrote: > Summary: > > * I've added a sandbox="" attribute to <iframe>, which by default > disables a number of features and takes a space-separated list of > features to re-enable: > [snip list] Unless I'm missing something, this attribute is useless in practice because legacy browsers will not impose the restrictions. This means that as long as legacy browsers exist (i.e. forever) server-side filtering must still be employed to duplicate the effects of the sandbox. </pre> </div> <div class="msgButtons margintopdouble"> <ul class="overflow"> <li class="msgButtonItems"><a class="button buttonleft " accesskey="p" href="msg03748.html">Previous message</a></li> <li class="msgButtonItems textaligncenter"><a class="button" accesskey="c" href="index.html#03717">View by thread</a></li> <li class="msgButtonItems textaligncenter"><a class="button" accesskey="i" href="maillist.html#03717">View by date</a></li> <li class="msgButtonItems textalignright"><a class="button buttonright " accesskey="n" href="msg03718.html">Next message</a></li> </ul> </div> <a name="tslice"></a> <div class="tSliceList margintopdouble"> <ul class="icons monospace"> <li class="icons-email"><span class="subject"><a href="msg03707.html">The <iframe> element and sandboxing ideas</a></span> <span class="sender italic">Ian Hickson</span></li> <li><ul> <li class="icons-email"><span class="subject"><a href="msg03708.html">Re: The <iframe> element and sandboxing ide...</a></span> <span class="sender italic">Andrew Fedoniouk</span></li> <li class="icons-email"><span class="subject"><a href="msg03713.html">Re: The <iframe> element and sandboxing ide...</a></span> <span class="sender italic">Martin Atkins</span></li> <li><ul> <li class="icons-email"><span class="subject"><a href="msg03716.html">Re: The <iframe> element and sandboxing...</a></span> <span class="sender italic">Jon Ferraiolo</span></li> <li><ul> <li class="icons-email"><span class="subject"><a href="msg03748.html">Re: The <iframe> element and sandbo...</a></span> <span class="sender italic">Jon Ferraiolo</span></li> </ul></li> <li class="icons-email tSliceCur"><span class="subject">RE: [whatwg] The <iframe> element and s...</span> <span class="sender italic">Kristof Zelechovski</span></li> </ul></li> <li class="icons-email"><span class="subject"><a href="msg03718.html">Re: The <iframe> element and sandboxing ide...</a></span> <span class="sender italic">Boris Zbarsky</span></li> <li><ul> <li class="icons-email"><span class="subject"><a href="msg03719.html">RE: [whatwg] The <iframe> element and s...</a></span> <span class="sender italic">Kristof Zelechovski</span></li> <li><ul> <li class="icons-email"><span class="subject"><a href="msg03723.html">Re: [whatwg] The <iframe> element a...</a></span> <span class="sender italic">Boris Zbarsky</span></li> </ul></li> </ul></li> <li class="icons-email"><span class="subject"><a href="msg03740.html">Re: [whatwg] The <iframe> element and sandb...</a></span> <span class="sender italic">Ojan Vafai</span></li> <li class="icons-email"><span class="subject"><a href="msg03809.html">Re: [whatwg] The <iframe> element and sandb...</a></span> <span class="sender italic">Jonas Sicking</span></li> <li><ul> <li class="icons-email"><span class="subject"><a href="msg03812.html">Re: [whatwg] The <iframe> element and s...</a></span> <span class="sender italic">Andrew Fedoniouk</span></li> </ul> </ul> </ul> </div> <div class="overflow msgActions margintopdouble"> <div class="msgReply" > <h2> Reply via email to </h2> <form method="POST" action="/mailto.php"> <input type="hidden" name="subject" value="RE: [whatwg] The <iframe> element and sandboxing ideas"> <input type="hidden" name="msgid" value="A9A38A658E0242C89F1E0E5DD5A137F9@POCZTOWIEC"> <input type="hidden" name="relpath" value="public-webapi@w3.org/msg03717.html"> <input type="submit" value=" Kristof Zelechovski "> </form> </div> </div> </div> <div class="aside" role="complementary"> <div class="logo"> <a href="/"><img src="/logo.png" width=247 height=88 alt="The Mail Archive"></a> </div> <form class="overflow" action="/search" method="get"> <input type="hidden" name="l" value="public-webapi@w3.org"> <label class="hidden" for="q">Search the site</label> <input class="submittext" type="text" id="q" name="q" placeholder="Search public-webapi"> <input class="submitbutton" name="submit" type="image" src="/submit.png" alt="Submit"> </form> <div class="nav margintop" id="nav" role="navigation"> <ul class="icons font16"> <li class="icons-home"><a href="/">The Mail Archive home</a></li> <li class="icons-list"><a href="/public-webapi@w3.org/">public-webapi - all messages</a></li> <li class="icons-about"><a href="/public-webapi@w3.org/info.html">public-webapi - about the list</a></li> <li class="icons-expand"><a href="/search?l=public-webapi@w3.org&q=subject:%22RE%5C%3A+%5C%5Bwhatwg%5C%5D+The+%3Ciframe%3E+element+and+sandboxing+ideas%22&o=newest&f=1" title="e" id="e">Expand</a></li> <li class="icons-prev"><a href="msg03748.html" title="p">Previous message</a></li> <li class="icons-next"><a href="msg03718.html" title="n">Next message</a></li> </ul> </div> <div class="listlogo margintopdouble"> </div> <div class="margintopdouble"> </div> </div> </div> <div class="footer" role="contentinfo"> <ul> <li><a href="/">The Mail Archive home</a></li> <li><a href="/faq.html#newlist">Add your mailing list</a></li> <li><a href="/faq.html">FAQ</a></li> <li><a href="/faq.html#support">Support</a></li> <li><a href="/faq.html#privacy">Privacy</a></li> <li class="darkgray">A9A38A658E0242C89F1E0E5DD5A137F9@POCZTOWIEC</li> </ul> </div> </body> </html>