On Jan 15, 2010, at 5:33 AM, Julian Reschke wrote: > Ian Hickson wrote: >> In response to implementor feedback regarding the sandbox="" >> feature of <iframe> in the WHATWG list [1], and based in part on a >> 2007 research paper from Microsoft [2], I have introduced a new >> MIME type for HTML (text/sandboxed-html) that is identical to text/ >> html in every way except one critical aspect: resources served with >> this MIME type are forced into a unique security origin context. >> ... > > For symmetry, we should also have > > application/xhtml-sandboxed+xml > > right? This actually would not have the desired behavior in legacy UAs, because many (well, at least WebKit-based ones) will recognize any MIME type ending in +xm as an XML type and will parse it as such. Regards, MaciejReceived on Friday, 15 January 2010 18:51:52 UTC
This archive was generated by hypermail 2.4.0 : Saturday, 9 October 2021 18:45:07 UTC