[Bug 12390] New: A sandboxed MIME type attribute would be better than a fully qualified MIME type from bugzilla@jessica.w3.org on 2011-03-29 (public-html@w3.org from March 2011)

From: <bugzilla@jessica.w3.org>
Date: Tue, 29 Mar 2011 06:19:46 +0000
To: public-html@w3.org
Message-ID: <bug-12390-2495@http.www.w3.org/Bugs/Public/>

http://www.w3.org/Bugs/Public/show_bug.cgi?id=12390

           Summary: A sandboxed MIME type attribute would be better than a
                    fully qualified MIME type
           Product: HTML WG
           Version: unspecified
          Platform: PC
               URL: http://dev.w3.org/html5/spec/Overview.html#text-html-s
                    andboxed
        OS/Version: Windows NT
            Status: NEW
          Severity: normal
          Priority: P1
         Component: HTML5 spec (editor: Ian Hickson)
        AssignedTo: ian@hixie.ch
        ReportedBy: jrossi@microsoft.com
         QAContact: public-html-bugzilla@w3.org
                CC: mike@w3.org, public-html-wg-issue-tracking@w3.org,
                    public-html@w3.org


I don't believe any browsers implement this yet. But a new MIME type
specifically for sandboxed HTML content seems like the wrong way to go.

As it stands currently, only text/html has a sandboxed equivelant. What about
image/svg+xml, or application/xhtml+xml? Do we really want to make a new fully
qualified sandboxed MIME type for every existing type? They wouldn't really be
new "types." Rather, they look/feel/smell like existing types with the caveat
of setting a single flag.

Instead, a MIME type attribute would be better (ex:  text/html;sandboxed  or
application/xhtml+xml;sandboxed). This would allow any existing (or future)
MIME types to be sandboxed with the unique origin flag.

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

Received on Tuesday, 29 March 2011 06:19:48 UTC