- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Fri, 15 Jan 2010 14:33:24 +0100
- To: Ian Hickson <ian@hixie.ch>
- CC: public-html@w3.org, public-web-security@w3.org
Ian Hickson wrote: > In response to implementor feedback regarding the sandbox="" feature of > <iframe> in the WHATWG list [1], and based in part on a 2007 research > paper from Microsoft [2], I have introduced a new MIME type for HTML > (text/sandboxed-html) that is identical to text/html in every way except > one critical aspect: resources served with this MIME type are forced into > a unique security origin context. > ... For symmetry, we should also have application/xhtml-sandboxed+xml right? Best regards, Julian
Received on Friday, 15 January 2010 13:34:03 UTC