W3C home > Mailing lists > Public > public-html@w3.org > January 2010

Re: <iframe doc="">

From: Karl Dubost <karl+w3c@la-grange.net>
Date: Fri, 15 Jan 2010 20:00:06 -0500
Message-Id: <F815E58C-C79B-4A26-A5A2-056B10602944@la-grange.net>
Cc: public-html@w3.org
To: Ian Hickson <ian@hixie.ch>

Le 15 janv. 2010 à 19:37, Ian Hickson a écrit :
> On Fri, 15 Jan 2010, Karl Dubost wrote:
>> 
>> Would it be possible to have a markup example? (I mean the content of the attribute).
> 
> The details depend on ongoing discussions, but e.g.:
> 
>          <iframe seamless sandbox="allow-scripts allow-forms" doc="
>            Read my blog!
>            <a href='#' onclick='alert(document.cookie)'>Click here</a>
>          "></iframe>


That would make the attribute not usable with an XML parser (XSLT processor) I guess, 
or would this construct be entirely forbidden in XHTML5 or escaped in a way like this:

   <iframe seamless="" 
           sandbox="allow-scripts allow-forms" 
           doc="<![CDATA[
                Read my blog!
                <a href='#' 
                   onclick='alert(document.cookie)'>Click here</a>
                ]]>">
    </iframe>

-- 
Karl Dubost
Montréal, QC, Canada
http://www.la-grange.net/karl/
Received on Saturday, 16 January 2010 01:00:12 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 9 May 2012 00:16:57 GMT