Le 15 janv. 2010 à 19:37, Ian Hickson a écrit : > On Fri, 15 Jan 2010, Karl Dubost wrote: >> >> Would it be possible to have a markup example? (I mean the content of the attribute). > > The details depend on ongoing discussions, but e.g.: > > <iframe seamless sandbox="allow-scripts allow-forms" doc=" > Read my blog! > <a href='#' onclick='alert(document.cookie)'>Click here</a> > "></iframe> That would make the attribute not usable with an XML parser (XSLT processor) I guess, or would this construct be entirely forbidden in XHTML5 or escaped in a way like this: <iframe seamless="" sandbox="allow-scripts allow-forms" doc="<![CDATA[ Read my blog! <a href='#' onclick='alert(document.cookie)'>Click here</a> ]]>"> </iframe> -- Karl Dubost Montréal, QC, Canada http://www.la-grange.net/karl/Received on Saturday, 16 January 2010 01:00:12 UTC
This archive was generated by hypermail 2.4.0 : Saturday, 9 October 2021 18:45:07 UTC