On 9/3/10 1:55 PM, Jonas Sicking wrote:
On Fri, Sep 3, 2010 at 10:47 AM, Adam Barth<w...@adambarth.com> wrote:
I'm not sure it makes much of a difference from a security point of
view.
Agreed. Pages can only move elements between pages that are in the
same security context anyway so I can't really think of any attacks
that any of the approaches would enable or disable.
Could it cause script to run from a <script> element that someone sticks
in a same-origin but sandboxed iframe if the non-sandboxed parent moves
some part of the DOM out before the parse is done?
-Boris