W3C home > Mailing lists > Public > public-html-bugzilla@w3.org > July 2011

[Bug 13230] Use application/sandbox with a type parameter instead of text/html-sandboxed

From: <bugzilla@jessica.w3.org>
Date: Wed, 13 Jul 2011 19:18:21 +0000
To: public-html-bugzilla@w3.org
Message-Id: <E1Qh4wv-0003Lg-Qt@jessica.w3.org>
http://www.w3.org/Bugs/Public/show_bug.cgi?id=13230

--- Comment #4 from Eli Grey (:sephr) <bugmail@eligrey.com> 2011-07-13 19:18:21 UTC ---
How would you sandbox an image/svg+xml game that a user uploads then? I may be
over engineering here but the fact is that text/html-sandboxed is terribly
unsuited for this.

To simplify the solution, it might just be best to go with a Sandbox: [options]
HTTP header. For example,

Content-Type: image/svg+xml
Sandbox: allow-scripts

...

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
Received on Wednesday, 13 July 2011 19:18:24 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 16:31:13 UTC