Re: CSP XML Data with tokens from sird@rckc.at on 2011-01-28 (public-web-security@w3.org from January 2011)

From: <sird@rckc.at>
Date: Fri, 28 Jan 2011 03:32:05 -0600
To: gaz Heyes <gazheyes@gmail.com>
Cc: Devdatta Akhawe <dev.akhawe@gmail.com>, Michal Zalewski <lcamtuf@coredump.cx>, Brandon Sterne <bsterne@mozilla.com>, public-web-security@w3.org
Message-ID: <AANLkTin-Z54F0HhD2B59oKVmG=9=6FVpbAyf1M6o3OUe@mail.gmail.com>

<iframe sandbox="allow-same-origin" seamless="seamless" srcdoc="your
html content here"></iframe>

should look more or less like a div.

-- Eduardo




On Fri, Jan 28, 2011 at 2:48 AM, gaz Heyes <gazheyes@gmail.com> wrote:
> On 28 January 2011 01:15, sird@rckc.at <sird@rckc.at> wrote:
>>
>> On the other hand.. We already have iframe@sandbox+srcdoc which makes
>> this kinda useless :)
>
> The iframe sandbox is useful for web gadgets etc but how could it be applied
> to sandbox a section of HTML code like a div?
>

Received on Friday, 28 January 2011 09:33:04 UTC