Re: [whatwg] Sandboxing to accommodate user generated content.

On Tue, 17 Jun 2008, Frode Børli wrote: A major challenge for many web developers is validating untrusted content such as the message body of a blog comment. Unless the developer has a flawless and future proof algorithm for ensuring that the message body does not contain any script, web

Re: [whatwg] Sandboxing to accommodate user generated content.

Frode Børli wrote: I have been reading up on past discussions on sandboxing content, and My main arguments for having this feature (in one form or another) in the browser is: - It is future proof. Changes to browsers (for example adding expression support to css) will never again require

Re: [whatwg] Sandboxing to accommodate user generated content.

Rantalainen Sent: Wednesday, June 18, 2008 9:20 AM To: whatwg@lists.whatwg.org Subject: Re: [whatwg] Sandboxing to accommodate user generated content. Frode Børli wrote: I have been reading up on past discussions on sandboxing content, and My main arguments for having this feature (in one form or another

Re: [whatwg] Sandboxing to accommodate user generated content.

On Tue, 17 Jun 2008 06:09:55 +0200, Frode Børli [EMAIL PROTECTED] wrote: Hi! I am a new member of this mailing list, and I wish to contribute with a couple of specific requirements that I believe should be discussed and perhaps implemented in the final specification. I am unsure if this is

Re: [whatwg] Sandboxing to accommodate user generated content.

I have been reading up on past discussions on sandboxing content, and I feel that it is generally agreed on that there should be some mechanism for marking content as user generated. The discussion mainly appears to be focused on implementation. Please read my implementation notes at the end of

Re: [whatwg] Sandboxing to accommodate user generated content.

Borli Sent: Tuesday, June 17, 2008 3:05 PM To: whatwg@lists.whatwg.org Subject: Re: [whatwg] Sandboxing to accommodate user generated content. I have been reading up on past discussions on sandboxing content, and I feel that it is generally agreed on that there should be some mechanism for marking

Re: [whatwg] Sandboxing to accommodate user generated content.

Hello, I'm new to the list and have joined in response to this discussion on html security changes. I have been reading up on past discussions on sandboxing content, and I feel that it is generally agreed on that there should be some mechanism for marking content as user generated. The

Re: [whatwg] Sandboxing to accommodate user generated content.

I've also been having side discussions with a few people regarding the ability for a website owner to mark sections as data rather than code (where everything lies now). Your htmlarea tag idea is a good one (maybe change the tag to data just a nitpick) however you don't address the use case

Re: [whatwg] Sandboxing to accommodate user generated content.

1. Please elaborate how an extension of CSS would require a sanitizer update. In the year 1998: A sanitizer algorithm works perfectly for all existing methods of adding scripts. It uses a white list, which allows only certain tags and attributes. Among the allowed attributes is colspan,

Re: [whatwg] Sandboxing to accommodate user generated content.

Frode Børli wrote: I have been reading up on past discussions on sandboxing content, and I feel that it is generally agreed on that there should be some mechanism for marking content as user generated. The discussion mainly appears to be focused on implementation. Please read my implementation

Re: [whatwg] Sandboxing to accommodate user generated content.

Of Frode Borli Sent: Tuesday, June 17, 2008 8:34 PM To: Kristof Zelechovski Cc: whatwg@lists.whatwg.org Subject: Re: [whatwg] Sandboxing to accommodate user generated content. 1. Please elaborate how an extension of CSS would require a sanitizer update. In the year 1998: A sanitizer algorithm works

Re: [whatwg] Sandboxing to accommodate user generated content.

I have been reading up on past discussions on sandboxing content, and I feel that it is generally agreed on that there should be some mechanism for marking content as user generated. The discussion mainly appears to be focused on implementation. Please read my implementation notes at the end

Re: [whatwg] Sandboxing to accommodate user generated content.

of them request the same data file. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Frode Borli Sent: Wednesday, June 18, 2008 12:12 AM To: Lachlan Hunt Cc: whatwg@lists.whatwg.org Subject: Re: [whatwg] Sandboxing to accommodate user generated content. I

[whatwg] Sandboxing to accommodate user generated content.

Hi! I am a new member of this mailing list, and I wish to contribute with a couple of specific requirements that I believe should be discussed and perhaps implemented in the final specification. I am unsure if this is the correct place to post my ideas (or if my ideas are even new), but if it is

[whatwg] Sandboxing to accommodate user generated content.

Hi! I am a new member of this mailing list, and I wish to contribute with a couple of specific requirements that I believe should be discussed and perhaps implemented in the final specification. I am unsure if this is the correct place to post my ideas (or if my ideas are even new), but if it is