Ian Hickson wrote: > - data: attributes require more escaping > - the definition of 'origin' for data: attributes isn't fully stable > - using data: has the wrong fallback story (it fails open, instead of > closed) While this doesn't address the first two points, the fallback story can be somewhat improved by using text/html-sandboxed: <iframe src="data:text/html-sandboxed,<!DOCTYPE html><p>test"></iframe> The fallback for this is then the same as for using text/html-sandboxed over HTTP, which admittedly has its own set of problems in current browsers. -- Lachlan Hunt - Opera Software http://lachy.id.au/ http://www.opera.com/Received on Sunday, 17 January 2010 17:56:09 UTC
This archive was generated by hypermail 2.4.0 : Saturday, 9 October 2021 18:45:07 UTC