[Bug 13230] Remove text/html-sandboxed from bugzilla@jessica.w3.org on 2011-07-13 (public-html-bugzilla@w3.org from July 2011)

From: <bugzilla@jessica.w3.org>
Date: Wed, 13 Jul 2011 19:48:47 +0000
To: public-html-bugzilla@w3.org
Message-Id: <E1Qh5QN-00040d-Pf@jessica.w3.org>

http://www.w3.org/Bugs/Public/show_bug.cgi?id=13230

Eli Grey (:sephr) <bugmail@eligrey.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Need a media type-agnostic  |Remove text/html-sandboxed
                   |alternative to              |
                   |text/html-sandboxed         |

--- Comment #5 from Eli Grey (:sephr) <bugmail@eligrey.com> 2011-07-13 19:48:47 UTC ---
I have came up with a final solution to this problem: just remove
text/html-sandboxed and don't provide any other sandboxing features than that
of what is offered for iframes.

Sandboxing on the media type/HTTP level is best suited for Mozilla's CSP
proposal, and has no place in HTML5. I have submitted
https://bugzilla.mozilla.org/show_bug.cgi?id=671389 for integration of HTML5
sandboxing features into CSP.

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Wednesday, 13 July 2011 19:48:55 UTC