W3C home > Mailing lists > Public > public-web-security@w3.org > January 2011

Re: CSP XML Data with tokens

From: <sird@rckc.at>
Date: Fri, 28 Jan 2011 03:34:41 -0600
Message-ID: <AANLkTikXhJft4+avjOVqF-QJSXPog58CWk01rXVx3oZR@mail.gmail.com>
To: gaz Heyes <gazheyes@gmail.com>
Cc: Devdatta Akhawe <dev.akhawe@gmail.com>, Michal Zalewski <lcamtuf@coredump.cx>, Brandon Sterne <bsterne@mozilla.com>, public-web-security@w3.org
btw!

its worth noting that no UA supports srcdoc yet.


-- Eduardo




On Fri, Jan 28, 2011 at 3:32 AM, sird@rckc.at <sird@rckc.at> wrote:
> <iframe sandbox="allow-same-origin" seamless="seamless" srcdoc="your
> html content here"></iframe>
>
> should look more or less like a div.
>
> -- Eduardo
>
>
>
>
> On Fri, Jan 28, 2011 at 2:48 AM, gaz Heyes <gazheyes@gmail.com> wrote:
>> On 28 January 2011 01:15, sird@rckc.at <sird@rckc.at> wrote:
>>>
>>> On the other hand.. We already have iframe@sandbox+srcdoc which makes
>>> this kinda useless :)
>>
>> The iframe sandbox is useful for web gadgets etc but how could it be applied
>> to sandbox a section of HTML code like a div?
>>
>
Received on Friday, 28 January 2011 09:35:33 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 28 January 2011 09:35:33 GMT