In response to implementor feedback regarding the sandbox="" feature of 
<iframe> in the WHATWG list [1], and based in part on a 2007 research 
paper from Microsoft [2], I have introduced a new MIME type for HTML 
(text/sandboxed-html) that is identical to text/html in every way except 
one critical aspect: resources served with this MIME type are forced into 
a unique security origin context.

This feature can also be used with <iframe sandbox=""> to force the 
desired behaviour in legacy UAs -- fallback to either no sandbox is 
possible as before (for the case where sandbox="" is being used for 
defence-in-depth), and fallback to load failure is now possible by serving 
the content with this type (for the case where legacy UAs are not intended 
to be supported and sandbox="" is being used for first-line security).

This is somewhat experimental, and so feedback (especially implementor 
feedback) regarding this proposal is encouraged.
[1] http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2010-January/024732.html
[2] http://research.microsoft.com/en-us/um/people/helenw/papers/sosp07MashupOS.pdf

Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

Received on Wednesday, 13 January 2010 01:52:19 UTC