W3C home > Mailing lists > Public > whatwg@whatwg.org > April 2012

[whatwg] Additional attribute value for iframe sandbox

From: Charles Pritchard <chuck@jumis.com>
Date: Mon, 30 Apr 2012 14:16:23 -0700
Message-ID: <4F9F0127.3060706@jumis.com>
On 4/30/12 2:04 PM, Tim Streater wrote:
> On 30 Apr 2012 at 21:17, Charles Pritchard<chuck at jumis.com>  wrote:
>> They've got an allow-popup in IE and I think WebKit.
>> It's just a little slow going in getting it firmly out there.
> Yes, I saw that as I worked on through the archive. But they want to enforce the same restrictions on the newly-opened window as the iframe had. I'd prefer no restrictions, but also no connection back from the opened window to its parent. IOW, just as if one had opened a new browser window and typed the URI in manually.

Thanks for that clarification. Sandbox certainly has some subtleties.

The about:blank + <meta refresh> hack is no fun; the thing used to break 
out of origin in webkit.

I'd hoped iframe sandbox had that solved.

Received on Monday, 30 April 2012 14:16:23 UTC

This archive was generated by hypermail 2.3.1 : Monday, 13 April 2015 23:09:12 UTC