W3C home > Mailing lists > Public > whatwg@whatwg.org > December 2009

[whatwg] Proposal for <iframe sandbox> related change to HTML5 section 4.8.3

From: Chris Evans <cevans@google.com>
Date: Tue, 8 Dec 2009 11:04:23 -0800
Message-ID: <ff1e8c3a0912081104v5be773bfl4f587af2e020ad96@mail.gmail.com>
Hello,

I propose changing this text:

"This flag also prevents script from reading the document.cookie IDL
attribute."

to

"This flag also prevents script from reading or writing the document.cookie
IDL attribute."


This change makes sure the sandbox attribute protects the integrity as well
as confidentiality of the cookies. It also matches what was implemented in
WebKit.


Cheers
Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20091208/ed338fc6/attachment.htm>
Received on Tuesday, 8 December 2009 11:04:23 UTC

This archive was generated by hypermail 2.3.1 : Monday, 13 April 2015 23:08:54 UTC