W3C home > Mailing lists > Public > whatwg@whatwg.org > August 2010

(unknown charset) [whatwg] @srcdoc and default @sandbox

From: (unknown charset) Kornel Lesiński <kornel@geekhood.net>
Date: Tue, 31 Aug 2010 21:15:27 +0100
Message-ID: <op.vibjv2x5te2ec8@aimac.local>
On Mon, 30 Aug 2010 23:13:04 +0100, Justin Schuh <jschuh at chromium.org>
wrote:

>> At least as currently drafted, srcdoc is not a security feature. It's a  
>> convenience feature. It is also designed to work well in tandem with a  
>> particular security feature (sandbox). But by itself, it is not a  
>> security feature.
>
> Data URLs already provide this.

What about existing UAs that implement data: URIs, but not sandbox?

-- 
regards, Kornel
Received on Tuesday, 31 August 2010 13:15:27 UTC

This archive was generated by hypermail 2.3.1 : Monday, 13 April 2015 23:09:00 UTC