- From: Anne van Kesteren <annevk@opera.com>
- Date: Wed, 30 Jan 2008 11:37:20 +0100
- To: "David Dailey" <david.dailey@sru.edu>
- Cc: "HTML WG" <public-html@w3.org>
On Tue, 29 Jan 2008 16:34:14 +0100, David Dailey <david.dailey@sru.edu> wrote: > I would agree. Since the types of things that are supported by <img> are > not specified, then allowing authors to know some boundaries on what to > expect makes sense. While I am not sure what problems we would have by > having scripts running inside <img> that we would not already have with > scripts running inside <object> or <iframe>, I'm willing to believe that > there probably are reasons (see speculation in last paragraph below). I thought this was already clear, but I'll try to explain. Say you have a site david.example.org and you allow your users to post <img> elements to your website so they can share their PNG, JPG etc. The underlying assumption here is that images are safe and apart from being very big in size can't really do much harm to your website. But if images can suddenly execute script there are a lot of potential issues, such as cookie theft, denial of service attacks, etc. Sites today assume that <img> is safe. Making <img> unsafe like <object> and <iframe> would create security problems all over the Web. -- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>
Received on Wednesday, 30 January 2008 10:34:23 UTC