- From: fantasai <fantasai.lists@inkedblade.net>
- Date: Sat, 27 Oct 2007 11:23:12 -0400
- To: David Woolley <forums@david-woolley.me.uk>
- CC: "www-style@w3.org" <www-style@w3.org>
David Woolley wrote: > > I very much hope not, as one of the advantages of CSS is that it does > not have the power of a general programming language and is therefore > much less likely to provide access to security holes, and, at least in > principle, easier to analyze mechanically. The BECSS draft already crosses this line by importing scripts through the 'binding' property. I haven't seen any serious discussion in the WG about the security implications of this. ~fantasai
Received on Saturday, 27 October 2007 15:23:32 UTC