Re: XHR without user credentials

Somehow this arrived late in my inbox :/

On Tue, 09 Jun 2009 18:29:25 +0200, Tyler Close <tyler.close@gmail.com> wrote:
> I think there are two main reasons:
>
> 1. ADsafe, Caja and others provide finer grained control over what the
> widget can do.

Could you elaborate on that?


> 2. All ads/widgets are fetched by the same HTTP request that fetches
> the containing page. The overhead of a separate iframe per ad/widget
> was too much for the expected use-cases.

This hasn't been done yet but the idea is to add a document="" (or some such) attribute to <iframe> that takes a string of markup to be rendered in a sandboxed way which should take away this concern.


-- 
Anne van Kesteren
http://annevankesteren.nl/

Received on Tuesday, 9 June 2009 19:17:19 UTC