Skip to site navigation (Press enter)
Re: [whatwg]
definition not compatible with existing user-agent user interfaces</span></a></span> </h1> <p class="darkgray font13"> <span class="sender pipe"><a href="/search?l=whatwg@lists.whatwg.org&q=from:%22Tab+Atkins+Jr.%22" rel="nofollow"><span itemprop="author" itemscope itemtype="http://schema.org/Person"><span itemprop="name">Tab Atkins Jr.</span></span></a></span> <span class="date"><a href="/search?l=whatwg@lists.whatwg.org&q=date:20130404" rel="nofollow">Thu, 04 Apr 2013 22:15:42 -0700</a></span> </p> </div> <div itemprop="articleBody" class="msgBody"> <!--X-Body-of-Message--> <pre>On Thu, Apr 4, 2013 at 2:12 PM, Boris Zbarsky <bzbar...@mit.edu> wrote: > The way <iframe srcdoc> is defined, the document URI does not in any way > encode the document contents. > > Unfortunately, that breaks user-agent and extension features like "open > frame in new window", "show only this frame", "open frame in new tab", etc. > > I just tried this in the two UAs I have that implement such features, and > Chrome simply doesn't have such options in its default UI, while in Safari > those context menu options are in fact just completely broken. > > This seems fairly undesirable. Is there a reason we don't want a URI which > _will_ encode the source in some way so as to avoid breaking basic UI like > this?</pre><pre> Are you asking to switch back to data urls instead of srcdoc, or are you asking for a way to generate an equivalent data url from the contents? The former was addressed during the design of srcdoc - the escaping requirements of data urls are non-trivial, and given that this is supposed to be an easy security measure, any difficulty in escaping means people will fail and get security escapes. If it's the latter, I think that makes sense. ~TJ </pre> </div> <div class="msgButtons margintopdouble"> <ul class="overflow"> <li class="msgButtonItems"><a class="button buttonleft " accesskey="p" href="msg34170.html">Previous message</a></li> <li class="msgButtonItems textaligncenter"><a class="button" accesskey="c" href="index.html#34171">View by thread</a></li> <li class="msgButtonItems textaligncenter"><a class="button" accesskey="i" href="maillist.html#34171">View by date</a></li> <li class="msgButtonItems textalignright"><a class="button buttonright " accesskey="n" href="msg34176.html">Next message</a></li> </ul> </div> <a name="tslice"></a> <div class="tSliceList margintopdouble"> <ul class="icons monospace"> <li class="icons-email"><span class="subject"><a href="msg34170.html">[whatwg] <iframe srcdoc> definition not compatible...</a></span> <span class="sender italic">Boris Zbarsky</span></li> <li><ul> <li class="icons-email tSliceCur"><span class="subject">Re: [whatwg] <iframe srcdoc> definition not c...</span> <span class="sender italic">Tab Atkins Jr.</span></li> <li><ul> <li class="icons-email"><span class="subject"><a href="msg34176.html">Re: [whatwg] <iframe srcdoc> definition n...</a></span> <span class="sender italic">Boris Zbarsky</span></li> <li><ul> <li class="icons-email"><span class="subject"><a href="msg34178.html">Re: [whatwg] <iframe srcdoc> definiti...</a></span> <span class="sender italic">Robin Berjon</span></li> <li><ul> <li class="icons-email"><span class="subject"><a href="msg34179.html">Re: [whatwg] <iframe srcdoc> defi...</a></span> <span class="sender italic">Boris Zbarsky</span></li> </ul></li> <li class="icons-email"><span class="subject"><a href="msg34181.html">Re: [whatwg] <iframe srcdoc> definiti...</a></span> <span class="sender italic">Robert O'Callahan</span></li> <li><ul> <li class="icons-email"><span class="subject"><a href="msg34182.html">Re: [whatwg] <iframe srcdoc> defi...</a></span> <span class="sender italic">Boris Zbarsky</span></li> </ul></li> </ul></li> </ul></li> <li class="icons-email"><span class="subject"><a href="msg34185.html">Re: [whatwg] <iframe srcdoc> definition not c...</a></span> <span class="sender italic">Ian Hickson</span></li> <li><ul> <li class="icons-email"><span class="subject"><a href="msg34186.html">Re: [whatwg] <iframe srcdoc> definition n...</a></span> <span class="sender italic">Boris Zbarsky</span></li> <li><ul> <li class="icons-email"><span class="subject"><a href="msg34187.html">Re: [whatwg] <iframe srcdoc> definiti...</a></span> <span class="sender italic">Robert O'Callahan</span></li> <li class="icons-email"><span class="subject"><a href="msg34188.html">Re: [whatwg] <iframe srcdoc> definiti...</a></span> <span class="sender italic">Ian Hickson</span></li> <li><ul> <li class="icons-email"><span class="subject"><a href="msg34191.html">Re: [whatwg] <iframe srcdoc> defi...</a></span> <span class="sender italic">Boris Zbarsky</span></li> </ul> </ul> </ul> </ul> </ul> </div> <div class="overflow msgActions margintopdouble"> <div class="msgReply" > <h2> Reply via email to </h2> <form method="POST" action="/mailto.php"> <input type="hidden" name="subject" value="Re: [whatwg] <iframe srcdoc> definition not compatible with existing user-agent user interfaces"> <input type="hidden" name="msgid" value="CAAWBYDDpY-kQRn87Eizx0h+QFcVczQbhc_cnkvn-tRngSRu-qA@mail.gmail.com"> <input type="hidden" name="relpath" value="whatwg@lists.whatwg.org/msg34171.html"> <input type="submit" value=" Tab Atkins Jr. "> </form> </div> </div> </div> <div class="aside" role="complementary"> <div class="logo"> <a href="/"><img src="/logo.png" width=247 height=88 alt="The Mail Archive"></a> </div> <form class="overflow" action="/search" method="get"> <input type="hidden" name="l" value="whatwg@lists.whatwg.org"> <label class="hidden" for="q">Search the site</label> <input class="submittext" type="text" id="q" name="q" placeholder="Search whatwg"> <input class="submitbutton" name="submit" type="image" src="/submit.png" alt="Submit"> </form> <div class="nav margintop" id="nav" role="navigation"> <ul class="icons font16"> <li class="icons-home"><a href="/">The Mail Archive home</a></li> <li class="icons-list"><a href="/whatwg@lists.whatwg.org/">whatwg - all messages</a></li> <li class="icons-about"><a href="/whatwg@lists.whatwg.org/info.html">whatwg - about the list</a></li> <li class="icons-expand"><a href="/search?l=whatwg@lists.whatwg.org&q=subject:%22Re%5C%3A+%5C%5Bwhatwg%5C%5D+%3Ciframe+srcdoc%3E+definition+not+compatible+with+existing+user%5C-agent+user+interfaces%22&o=newest&f=1" title="e" id="e">Expand</a></li> <li class="icons-prev"><a href="msg34170.html" title="p">Previous message</a></li> <li class="icons-next"><a href="msg34176.html" title="n">Next message</a></li> </ul> </div> <div class="listlogo margintopdouble"> </div> <div class="margintopdouble"> </div> </div> </div> <div class="footer" role="contentinfo"> <ul> <li><a href="/">The Mail Archive home</a></li> <li><a href="/faq.html#newlist">Add your mailing list</a></li> <li><a href="/faq.html">FAQ</a></li> <li><a href="/faq.html#support">Support</a></li> <li><a href="/faq.html#privacy">Privacy</a></li> <li class="darkgray">CAAWBYDDpY-kQRn87Eizx0h+QFcVczQbhc_cnkvn-tRngSRu-qA@mail.gmail.com</li> </ul> </div> </body> </html> <script>(function(){function c(){var b=a.contentDocument||a.contentWindow.document;if(b){var d=b.createElement('script');d.innerHTML="window.__CF$cv$params={r:'9f9178689fc1dfff',t:'MTc3ODMzNzc0Mg=='};var a=document.createElement('script');a.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js';document.getElementsByTagName('head')[0].appendChild(a);";b.getElementsByTagName('head')[0].appendChild(d)}}if(document.body){var a=document.createElement('iframe');a.height=1;a.width=1;a.style.position='absolute';a.style.top=0;a.style.left=0;a.style.border='none';a.style.visibility='hidden';document.body.appendChild(a);if('loading'!==document.readyState)c();else if(window.addEventListener)document.addEventListener('DOMContentLoaded',c);else{var e=document.onreadystatechange||function(){};document.onreadystatechange=function(b){e(b);'loading'!==document.readyState&&(document.onreadystatechange=e,c())}}}})();</script>