[Bug 11720] New: At the moment, chrome and opera thinks that iframe with source equal to data url has *not* the same origin as parent window's document. I think that this behavior is much more useful, because it can be used as a simpliest way of sandboxing of content.

http://www.w3.org/Bugs/Public/show_bug.cgi?id=11720

           Summary: At the moment, chrome and opera thinks that iframe
                    with source equal to data url has *not* the same
                    origin as parent window's document. I think that this
                    behavior is much more useful, because it can be used
                    as a simpliest way of sandboxing of content.
           Product: HTML WG
           Version: unspecified
          Platform: Other
               URL: http://www.whatwg.org/specs/web-apps/current-work/#san
                    dboxOrigin
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P3
         Component: HTML5 spec (editor: Ian Hickson)
        AssignedTo: ian@hixie.ch
        ReportedBy: contributor@whatwg.org
         QAContact: public-html-bugzilla@w3.org
                CC: mike@w3.org, public-html-wg-issue-tracking@w3.org,
                    public-html@w3.org


Specification: http://www.whatwg.org/specs/web-apps/current-work/
Section: http://www.whatwg.org/specs/web-apps/current-work/#sandboxOrigin

Comment:
At the moment, chrome and opera thinks that iframe with source equal to data
url has *not* the same origin as parent window's document. I think that this
behavior is much more useful, because it can be used as a simpliest way of
sandboxing of content.

Posted from: 2.60.105.113

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

Received on Monday, 10 January 2011 17:15:02 UTC