W3C home > Mailing lists > Public > whatwg@whatwg.org > April 2012

[whatwg] Additional attribute value for iframe sandbox

From: Charles Pritchard <chuck@jumis.com>
Date: Mon, 30 Apr 2012 14:16:23 -0700
Message-ID: <4F9F0127.3060706@jumis.com>
On 4/30/12 2:04 PM, Tim Streater wrote:
> On 30 Apr 2012 at 21:17, Charles Pritchard<chuck at jumis.com>  wrote:
>
>> They've got an allow-popup in IE and I think WebKit.
>> It's just a little slow going in getting it firmly out there.
> Yes, I saw that as I worked on through the archive. But they want to enforce the same restrictions on the newly-opened window as the iframe had. I'd prefer no restrictions, but also no connection back from the opened window to its parent. IOW, just as if one had opened a new browser window and typed the URI in manually.

Thanks for that clarification. Sandbox certainly has some subtleties.

The about:blank + <meta refresh> hack is no fun; the thing used to break 
out of origin in webkit.

I'd hoped iframe sandbox had that solved.


-Charles
Received on Monday, 30 April 2012 14:16:23 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 30 January 2013 18:48:07 GMT