W3C home > Mailing lists > Public > public-web-security@w3.org > January 2010

Re: text/sandboxed-html

From: Roy T. Fielding <fielding@gbiv.com>
Date: Tue, 12 Jan 2010 18:08:14 -0800
Cc: public-html@w3.org, public-web-security@w3.org
Message-Id: <556CD197-FBB3-4F2F-BA64-E55F63F1EA43@gbiv.com>
To: Ian Hickson <ian@hixie.ch>
On Jan 12, 2010, at 5:51 PM, Ian Hickson wrote:

> In response to implementor feedback regarding the sandbox="" feature of 
> <iframe> in the WHATWG list [1], and based in part on a 2007 research 
> paper from Microsoft [2], I have introduced a new MIME type for HTML 
> (text/sandboxed-html) that is identical to text/html in every way except 
> one critical aspect: resources served with this MIME type are forced into 
> a unique security origin context.

I would prefer a media type of "text/html-sandboxed", since that places
the two types next to each other in a sorted list and allows easier
prefix-matching when desired.

Received on Wednesday, 13 January 2010 02:08:42 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:26:17 UTC