On Wed, Feb 11, 2009 at 3:56 PM, Lachlan Hunt <lachlan.hunt@lachy.id.au> wrote: > * Renaming <script> to <handler> > - Unnecessarily renaming, effectively introduces a second element for > exactly the same purpose. This is something i'd be very concerned about. I don't care that much about the fact that there would be two elements with exactly, or almost, the same functionality. The only downside with that would be a little implementation hassle and maybe some author confusion. The much bigger problem is a security concern. There are loads of sites out there that filter out <script> elements from things like blog comments and forum postings to avoid XSS issues. It would be a big problem if this could be worked around by attackers by simply using <handler> instead. / JonasReceived on Thursday, 12 February 2009 00:22:53 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 9 May 2012 00:16:29 GMT