- From: Karl Dubost <karl+w3c@la-grange.net>
- Date: Fri, 15 Jan 2010 20:00:06 -0500
- To: Ian Hickson <ian@hixie.ch>
- Cc: public-html@w3.org
Le 15 janv. 2010 à 19:37, Ian Hickson a écrit : > On Fri, 15 Jan 2010, Karl Dubost wrote: >> >> Would it be possible to have a markup example? (I mean the content of the attribute). > > The details depend on ongoing discussions, but e.g.: > > <iframe seamless sandbox="allow-scripts allow-forms" doc=" > Read my blog! > <a href='#' onclick='alert(document.cookie)'>Click here</a> > "></iframe> That would make the attribute not usable with an XML parser (XSLT processor) I guess, or would this construct be entirely forbidden in XHTML5 or escaped in a way like this: <iframe seamless="" sandbox="allow-scripts allow-forms" doc="<![CDATA[ Read my blog! <a href='#' onclick='alert(document.cookie)'>Click here</a> ]]>"> </iframe> -- Karl Dubost Montréal, QC, Canada http://www.la-grange.net/karl/
Received on Saturday, 16 January 2010 01:00:12 UTC