RE: ISSUE-26: Does the sandbox directive make sense in a meta tag context? from Fred Andrews on 2012-11-05 (public-webappsec@w3.org from November 2012)

From: Fred Andrews <fredandw@live.com>
Date: Mon, 5 Nov 2012 00:04:16 +0000
To: Web Application Security Working Group <public-webappsec@w3.org>
Message-ID: <BLU002-W21116537D5D9B5208DB5D51AA640@phx.gbl>

Perhaps similar considerations to those in issue-25.  There would appear to be a range of security restrictions that could potentially be declared in meta elements within the head section, and supporting a meta element is less burden for all the content creation software, so perhaps another look at this general issue would be productive.

One option being considered by the PUA CG would use a sandbox style meta tag to disable or restrict the document JS context, so discussion on this issue would be of interest.

cheers
Fred

> Date: Thu, 1 Nov 2012 15:56:13 +0000
> To: public-webappsec@w3.org
> From: sysbot+tracker@w3.org
> Subject: ISSUE-26: Does the sandbox directive make sense in a meta tag context?
> 
> ISSUE-26: Does the sandbox directive make sense in a meta tag context?
> 
> http://www.w3.org/2011/webappsec/track/issues/26
> 
> Raised by: 
> On product: 
> 
> 
> 
> 
>

Received on Monday, 5 November 2012 00:04:43 UTC