W3C home > Mailing lists > Public > whatwg@whatwg.org > August 2013

Re: [whatwg] Disabling document.domain setting on iframe@sandbox (especially with allow-same-origin)

From: Boris Zbarsky <bzbarsky@MIT.EDU>
Date: Wed, 21 Aug 2013 16:20:43 -0400
Message-ID: <5215211B.1040206@mit.edu>
To: Ian Hickson <ian@hixie.ch>
Cc: whatwg@lists.whatwg.org, David Bruant <bruant.d@gmail.com>
On 8/8/13 5:35 PM, Ian Hickson wrote:
> I'm certainly open to the idea of making document.domain not work in
> sandboxed <iframe>s. Any objections? Who is ready to implement this?

There seems to be general support for this amongst the Mozilla DOM 
peers, so I filed https://bugzilla.mozilla.org/show_bug.cgi?id=907892 
with patch.

-Boris
Received on Wednesday, 21 August 2013 20:21:12 UTC

This archive was generated by hypermail 2.3.1 : Monday, 13 April 2015 23:09:23 UTC