On Tue, Jun 9, 2009 at 12:54 AM, Anne van Kesteren<[email protected]> wrote: > On Tue, 09 Jun 2009 03:39:19 +0200, Mark S. Miller <[email protected]> wrote: >> This use-case was the motivation for ADsafe, though any of the JavaScript >> sanitizers would do. >> >> Without some such sanitization technology, it remains unsafe to load >> untrusted ads directly on your page. Adam and I are still arguing fine >> points of just how unsafe, but there's no question that the answer is at >> least "too unsafe". >> >> With GuestXMLHttpRequest, such sanitized ads could be allowed to call >> home safely without being able to impersonate their containing page's origin. > > Why can such ads not be embedded using a seamless sandboxed <iframe> from > HTML5?
I think there are two main reasons: 1. ADsafe, Caja and others provide finer grained control over what the widget can do. 2. All ads/widgets are fetched by the same HTTP request that fetches the containing page. The overhead of a separate iframe per ad/widget was too much for the expected use-cases. --Tyler -- "Waterken News: Capability security on the Web" http://waterken.sourceforge.net/recent.html
