- From: <bugzilla@jessica.w3.org>
- Date: Fri, 15 Jul 2011 08:14:20 +0000
- To: public-html@w3.org
http://www.w3.org/Bugs/Public/show_bug.cgi?id=13267 Summary: sandboxing implication for plugins should be rephrased Product: HTML WG Version: unspecified Platform: All URL: http://www.w3.org/TR/2011/WD-html5-20110525/Overview.h tml#attr-iframe-sandbox OS/Version: All Status: NEW Severity: normal Priority: P2 Component: HTML5 spec (editor: Ian Hickson) AssignedTo: ian@hixie.ch ReportedBy: julian.reschke@gmx.de QAContact: public-html-bugzilla@w3.org CC: mike@w3.org, public-html-wg-issue-tracking@w3.org, public-html@w3.org "The sandbox attribute, when specified, enables a set of extra restrictions on any content hosted by the iframe. Its value must be an unordered set of unique space-separated tokens that are ASCII case-insensitive. The allowed values are allow-same-origin, allow-top-navigation, allow-forms, and allow-scripts. When the attribute is set, the content is treated as being from a unique origin, forms and scripts are disabled, links are prevented from targeting other browsing contexts, and plugins are disabled." This doesn't cover the case where a UI might be able to negotiate these restrictions with a plugin. See context around <http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2011-July/032429.html>. -- Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
Received on Friday, 15 July 2011 08:14:25 UTC