W3C home > Mailing lists > Public > public-html-comments@w3.org > June 2011

Re: New attribute typemustmatch

From: Michael A. Peters <mpeters@shastaherps.org>
Date: Tue, 14 Jun 2011 00:28:13 -0700
Message-ID: <4DF70D8D.5030108@shastaherps.org>
To: Shelley Powers <shelleyp@burningbird.net>
CC: public-html-comments@w3.org
Shelley Powers wrote:
> I found the WhatWG discussion, if you can call it that.
> 
> http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2011-June/032023.html
> 
> What are the procedures in place to control change during Last Call?
> 
> 
> Shelley
> 

For what it is worth, I don't think the content of the html document is 
the place for security restrictions.

It is better to do it via something like FireFox's "Content Security 
Policy" proposal, though I'm not sure if it currently covers ensuring 
mime types of served object match the object description.

http://people.mozilla.com/~bsterne/content-security-policy/
Received on Tuesday, 14 June 2011 07:29:03 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 14 June 2011 07:29:03 GMT