[Bug 9602] Autofocus attribute.


--- Comment #13 from Shelley Powers <shelleyp@burningbird.net>  2010-08-05 14:30:59 ---
(In reply to comment #12)
> They would also be "vulnerable" to each new event handler attribute, etc.
> Blacklisting never works as security measure.

Whether it is effective or not, it exists. You can't count on getting a
specific "JavaScript turned off" in order to determine whether to enable the
autofocus attribute or not, and still consider the attribute secure.

It is insecure, period.

Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Thursday, 5 August 2010 14:31:01 UTC