- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Sun, 24 Jan 2010 21:06:09 +0100
- To: "Tab Atkins Jr." <jackalmage@gmail.com>
- CC: Shelley Powers <shelley.just@gmail.com>, Ian Hickson <ian@hixie.ch>, "public-html@w3.org WG" <public-html@w3.org>
Tab Atkins Jr. wrote: > ... > If I had to write it by hand, of course I wouldn't be happy. That's > not what it's for. If I'm writing it by hand I can skip the <iframes> > entirely, because I know what I'm writing and thus don't need to > protect myself against myself. This sort of stuff is meant to be > generated by code, like this: > ... Indeed. And that code could also produce properly escaped data URIs. Can we please try harder to avoid introducing another attribute, and fix the problem we have with data URIs instead? Best regards, Julian
Received on Sunday, 24 January 2010 20:07:06 UTC