Hallvord Reiar Michaelsen Steen wrote:
Regarding SANDBOX when I look at the discussion and points raised so far I sort of get the feeling that we are re-inventing IFRAME... Hence I'm beginning to think that we should just come up with a new attribute on IFRAME, called "sandbox" or "contentrestriction" or something like that. That way the parent page could explicitly allow or prevent interaction with the IFRAME.
Perhaps like the "frames=children" setting for Content Restrictions, which means that the page served inside the iframe had no access to its frame parents? :-)
Gerv
