
Re: RE: text/sandboxed-html

From: Eduardo Vela <sirdarckcat@gmail.com>
Date: Wed, 27 Jan 2010 08:43:43 +0800
Message-ID: <8ba534861001261643o76a643d2ne14e31373e619478@mail.gmail.com>
To: "Helen Wang (MSR)" <helenw@microsoft.com>
Cc: Collin Jackson <collin@collinjackson.com>, "public-web-security@w3.org" <public-web-security@w3.org>
I like this more than iframe[sandbox], the contents inside the tag would be

On Jan 27, 2010 8:19 AM, "Helen Wang (MSR)" <helenw@microsoft.com> wrote:

> In any case, the text/html-sandbox defense is a requirement for hosting
> untrusted content on the ...

> Making <sandbox> a separate tag instead of an attribute of <iframe>
> doesn't eliminate the need t...
This <sandbox>'s semantics differs from that of the original MashupOS
sandbox. The only goal of the revised <sandbox> is to allow a host page to
restrict a public script.  The original MashupOS sandbox proposal
additionally wants to allow a web server to indicate that some hosted
content is untrustworthy and shouldn't be rendered with any origin's
privilege. This latter semantics is lost in the revised proposal in exchange
for the elimination of setting the MIME type for easy deploy-ability.

Please note that <sandbox>'s "src" can *only* be a script, but not any other
type of content. This together with its intended semantics make it fine
without setting MIME type.

Looking from another angle, this <sandbox> proposal is very similar to
<script> except the sandboxed script has no privileges.

Received on Wednesday, 27 January 2010 00:44:16 UTC
