W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2012

RE: ISSUE-26: Does the sandbox directive make sense in a meta tag context?

From: Fred Andrews <fredandw@live.com>
Date: Mon, 5 Nov 2012 00:04:16 +0000
Message-ID: <BLU002-W21116537D5D9B5208DB5D51AA640@phx.gbl>
To: Web Application Security Working Group <public-webappsec@w3.org>
Perhaps similar considerations to those in issue-25.  There would appear to be a range of security restrictions that could potentially be declared in meta elements within the head section, and supporting a meta element is less burden for all the content creation software, so perhaps another look at this general issue would be productive.

One option being considered by the PUA CG would use a sandbox style meta tag to disable or restrict the document JS context, so discussion on this issue would be of interest.

cheers
Fred

> Date: Thu, 1 Nov 2012 15:56:13 +0000
> To: public-webappsec@w3.org
> From: sysbot+tracker@w3.org
> Subject: ISSUE-26: Does the sandbox directive make sense in a meta tag context?
> 
> ISSUE-26: Does the sandbox directive make sense in a meta tag context?
> 
> http://www.w3.org/2011/webappsec/track/issues/26
> 
> Raised by: 
> On product: 
> 
> 
> 
> 
> 
 		 	   		  
Received on Monday, 5 November 2012 00:04:43 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 5 November 2012 00:04:43 GMT