[Bug 9851] Allow plugins in @sandbox via "allow-plugins" option

http://www.w3.org/Bugs/Public/show_bug.cgi?id=9851


Ian 'Hixie' Hickson <ian@hixie.ch> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |ian@hixie.ch
         Resolution|                            |LATER




--- Comment #1 from Ian 'Hixie' Hickson <ian@hixie.ch>  2010-08-16 21:19:55 ---
EDITOR'S RESPONSE: This is an Editor's Response to your comment. If you are
satisfied with this response, please change the state of this bug to CLOSED. If
you have additional information and would like the editor to reconsider, please
reopen this bug. If you would like to escalate the issue to the full HTML
Working Group, please add the TrackerRequest keyword to this bug, and suggest
title and text for the tracker issue; or you may create a tracker issue
yourself, if you are able to do so. For more details, see this document:
   http://dev.w3.org/html5/decision-policy/decision-policy.html

Status: Rejected
Change Description: no spec change
Rationale: We can't allow plugins to be used in sandboxed content until plugins
are aware of the sandboxing mechanism, such that browsers can only enable
plugins that respect the sandboxing. Right now, enabling plugins would be
essentially equivalent to just removing the sandbox attribute (possibly
literally -- there's no reason that I can see why a plugin couldn't just go
ahead and remove the attribute and reload the iframe).

Once the plugin APIs are sandbox-aware, it would make sense to provide such a
feature.

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Monday, 16 August 2010 21:19:58 UTC