On Mon, Mar 14, 2011 at 8:05 PM, Robert O'Callahan <[email protected]> wrote:
> On Sat, Mar 12, 2011 at 5:56 AM, Tab Atkins Jr. <[email protected]> wrote:
>
>> I think we should be closing the <svg>/<foreignObject> hole, not
>> expanding it as the primary way to smuggle in drawWindow
>> functionality. ^_^
>
> I actually think svg image + foreignobject is an OK way to smuggle in the
> functionality of rendering HTML fragments to a canvas :-). In Gecko, to
> solve various security problems we've made SVG images be a very restrictive
> browsing context, which can't for example load any subresource other than
> data: URIs. The elements of an SVG image also can't receive input events.
> Those measures alone neutralize a lot of the problems with drawWindow.
> Unlike IFRAMEs, pages can't reach into the DOM of SVG images to get around
> those restrictions. We can make SVG image documents never honor :visited
> selectors.

That's roughly how SVG images work in WebKit as well. SVG images are rendered with a fake set of clients (i.e., delegates) that prevent the SVG image from talking to much of the rest of the browser.

Adam
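The data:-only restriction described in the quoted message, as an added example that is not part of the thread: a helper that wraps an XHTML fragment in an SVG <foreignObject> and lists the references that are not data: URIs, i.e. the ones such a restricted SVG-image context would refuse to load. All function names and the sample fragment are constructed for illustration, and the scan is a conservative regex pass, not a parser.

```javascript
// Added example; function names and the sample fragment are constructed.
const SVG_NS = "http://www.w3.org/2000/svg";
const XHTML_NS = "http://www.w3.org/1999/xhtml";

// Wrap a well-formed XHTML fragment in an SVG <foreignObject>.
function wrapInSvg(xhtmlFragment, width, height) {
  return `<svg xmlns="${SVG_NS}" width="${width}" height="${height}">` +
    `<foreignObject width="100%" height="100%">` +
    `<div xmlns="${XHTML_NS}">${xhtmlFragment}</div>` +
    `</foreignObject></svg>`;
}

// Return every src/href/xlink:href value and CSS url() target that is not a
// data: URI. Conservative: <a href> is flagged too, although it is a link
// rather than a subresource load.
function findNonDataReferences(svgText) {
  const refs = [];
  const attr = /\b(?:src|href|xlink:href)\s*=\s*(?:"([^"]*)"|'([^']*)')/gi;
  const cssUrl = /url\(\s*(?:"([^"]*)"|'([^']*)'|([^)\s]*))\s*\)/gi;
  for (const re of [attr, cssUrl]) {
    for (const m of svgText.matchAll(re)) {
      const url = (m[1] ?? m[2] ?? m[3] ?? "").trim();
      // Same-document fragment references (#id) load nothing external.
      if (url === "" || url.startsWith("#")) continue;
      if (!/^data:/i.test(url)) refs.push(url);
    }
  }
  return refs;
}

// Encode the SVG as a data: URI usable as an image source.
function toDataUri(svgText) {
  return "data:image/svg+xml;charset=utf-8," + encodeURIComponent(svgText);
}

// Constructed sample: one inline image, one remote image, one remote CSS url().
const SAMPLE_FRAGMENT =
  `<p style="background:url('https://example.test/bg.png')">hi ` +
  `<img src="data:image/png;base64,AAAA"/> ` +
  `<img src="https://example.test/a.png"/></p>`;

const sampleSvg = wrapInSvg(SAMPLE_FRAGMENT, 200, 100);
console.log(findNonDataReferences(sampleSvg));
```

In a browser, the result of toDataUri() can be assigned to an Image's src and drawn with drawImage() on a 2D canvas context; references reported by findNonDataReferences() have to be inlined as data: URIs first if they are meant to render.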
