Ian Hickson wrote: > > Summary: > > * I've added a sandbox="" attribute to <iframe>, which by default > disables a number of features and takes a space-separated list of > features to re-enable: > ... Makes sense, Ian. Additionally to this, what about adding <meta> tag that disables or limits features of the page if it is running inside <frame> or <iframe>? Say something like this: <html> <head> <meta name="allowed-context" value="standalone-only" /> </head> ... </html> That may prevent some types of malicious uses. -- Andrew Fedoniouk. http://terrainformatica.comReceived on Wednesday, 21 May 2008 23:44:22 UTC
This archive was generated by hypermail 2.4.0 : Saturday, 9 October 2021 18:44:31 UTC