http://www.w3.org/Bugs/Public/show_bug.cgi?id=12393 Summary: http://dev.w3.org/html5/spec/Overview.html#attr-iframe -sandbox Product: HTML WG Version: unspecified Platform: PC OS/Version: Windows NT Status: NEW Severity: normal Priority: P2 Component: HTML5 spec (editor: Ian Hickson) AssignedTo: ian@hixie.ch ReportedBy: jrossi@microsoft.com QAContact: public-html-bugzilla@w3.org CC: mike@w3.org, public-html-wg-issue-tracking@w3.org, public-html@w3.org There's currently no way for a sandboxed iframe to generate popups (which for some mashup scenarios, may be valid). We should add an "allow-popups" token for the sandbox attribute. When set, window.open(), showModalDialog() [1], and links with target=”_blank” would be allowed. However, the newly created browsing contexts should inherit the sandbox restrictions of the context from which the popup was created. [1] http://www.w3.org/Bugs/Public/show_bug.cgi?id=12391 -- Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.Received on Tuesday, 29 March 2011 07:12:57 UTC
This archive was generated by hypermail 2.4.0 : Saturday, 9 October 2021 18:45:34 UTC