Re: text/sandboxed-html

On Wed, 2010-01-13 at 10:18 +0800, sird@rckc.at wrote:
> why not putting the sandboxed URL inside the sandbox attribute?
> anyway, it's just a suggestion, the new mime type is a great idea, now
> sandbox makes sense!
> 
> <iframe sandbox="http://thesite.com/thesandboxed.html"
> sandboxsomething="no-scripts no-frames">

Using a new attribute rather than src seems like a sensible idea to me.
Legacy user agents won't load anything from:

 <iframe sandbox="http://example.com/sandboxed.html"></iframe>

And won't pop up annoying dialogue boxes. It seems to eliminate the need
for an additional media type registration; and it makes things simpler
for those HTML publishers who are not au fait with configuring their web
servers.

-- 
Toby A Inkster
<mailto:mail@tobyinkster.co.uk>
<http://tobyinkster.co.uk>

Received on Wednesday, 13 January 2010 06:44:44 UTC