W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2013

Re: webappsec-ISSUE-51: How to handle externally defined <element> with <link rel=import>

From: Anne van Kesteren <annevk@annevk.nl>
Date: Fri, 26 Apr 2013 00:16:38 +0100
Message-ID: <CADnb78gcFFnXwWvNvKMXXw31vN_VYUPh6ZTsN+OpLfkNAJd2_Q@mail.gmail.com>
To: Web Application Security Working Group <public-webappsec@w3.org>
On Thu, Apr 25, 2013 at 10:49 PM, Web Application Security Working
Group Issue Tracker <sysbot+tracker@w3.org> wrote:
> Create a new directive, e.g. import-src for allowing custom elements to be imported from an external source?

Last I checked this can do the same as script, so you probably want to
restrict via the same mechanism.


--
http://annevankesteren.nl/
Received on Thursday, 25 April 2013 23:17:06 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:01 UTC