- From: Aryeh Gregor <Simetrical+w3c@gmail.com>
- Date: Wed, 9 Dec 2009 12:19:21 -0500
- To: gaz Heyes <gazheyes@gmail.com>
- Cc: public-web-security@w3.org
On Wed, Dec 9, 2009 at 11:46 AM, gaz Heyes <gazheyes@gmail.com> wrote: > Namespaces allow remote resources without url() > <http://www.w3.org/TR/css3-namespace/> Where? Namespace URIs normally wouldn't be fetched, would they? Also, @namespace has to precede all valid rules, so (c) would prevent it from being processed. > CSS3 Attr() proposed functionality specifies url as an argument. So you could do: <span title="http://evil.com" style="background-image: attr(title, url)"> Clever. > The ability > to read and distribute any CSS property could be a problem too if you can > interact with the value and another selector. What do you mean by this?
Received on Wednesday, 9 December 2009 17:20:01 UTC