- From: Ojan Vafai <ojan@chromium.org>
- Date: Mon, 7 Nov 2011 09:30:05 -0800
- To: Ryan Seddon <seddon.ryan@gmail.com>
- Cc: Yehuda Katz <wycats@gmail.com>, public-webapps WG <public-webapps@w3.org>
Received on Monday, 7 November 2011 17:30:58 UTC
I don't really follow. Script won't execute until you append the fragment to the DOM, at which point the fragment itself doesn't go in the DOM, just it's children. So, I'm not really sure what sandboxing on fragments would do. On Fri, Nov 4, 2011 at 11:14 PM, Ryan Seddon <seddon.ryan@gmail.com> wrote: > This would be a great addition, another thought would be the ability to > sandbox the documentFragment. Much the same way you can sanitise > responseText from an XHR using and iframe with the sandbox attribute being > able to do this with fragments would be might handy. >
Received on Monday, 7 November 2011 17:30:58 UTC