W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2012

Re: Proposal: Document.parse() [AKA: Implied Context Parsing]

From: Anne van Kesteren <annevk@annevk.nl>
Date: Tue, 5 Jun 2012 09:58:02 +0200
Message-ID: <CADnb78gzERo=DLJyWmaT1Dmz5k1u46ksY6wJSz6XLHUgzPD2cg@mail.gmail.com>
To: Adam Barth <w3c@adambarth.com>
Cc: Ian Hickson <ian@hixie.ch>, Rafael Weinstein <rafaelw@google.com>, Webapps WG <public-webapps@w3.org>
On Tue, Jun 5, 2012 at 2:10 AM, Adam Barth <w3c@adambarth.com> wrote:
> Doesn't e4h have the same security problems as e4x?

If you mean http://code.google.com/p/doctype-mirror/wiki/ArticleE4XSecurity
I guess that would depend on how we define it.

A (bigger?) problem with E4H/H4E is that TC39 does not like it:
I'm not as optimistic as them that quasis just solve this (not compile
time, nobody has actually written out the "safehtml" definition), but
TC39 being against it does not help.

Anne — Opera Software
Received on Tuesday, 5 June 2012 09:37:47 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:13:34 UTC