On Wed, Jun 30, 2010 at 8:14 AM, Philip Jägenstedt <[email protected]> wrote: > On Wed, 30 Jun 2010 16:31:20 +0200, Tab Atkins Jr. <[email protected]> > wrote: >> In any case, embedding >> videos via <iframe sandbox=allow-scripts> should work fine, once more >> browsers support it. >> >> ~TJ >> > > What issues would there be with simply using <iframe> without sandboxing? > What doesn't the cross-origin policy stop?
Oh, duh. Sorry, yeah, just pointing the iframe to a different-origin resource on youtube.com would work fine. ~TJ
