W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2016

Re: In-browser sanitization vs. a “Safe Node” in the DOM

From: Craig Francis <craig.francis@gmail.com>
Date: Fri, 22 Jan 2016 16:57:38 +0000
Cc: David Ross <drx@google.com>, public-webappsec@w3.org
Message-Id: <73788DF5-9081-40A5-B72F-3131C28B75F5@gmail.com>
To: Conrad Irwin <conrad.irwin@gmail.com>
On 21 Jan 2016, at 23:14, Conrad Irwin <conrad.irwin@gmail.com> wrote:
> I think the right way of doing something like this is an iframe (sad to hear seamless iframes are going nowhere), but in the absense of that a specific tag that implements this would be awesome.

I'd just like to add that I'm also disappointed that a seamless iframe does not seem to be happening.

http://caniuse.com/#feat=iframe-seamless <http://caniuse.com/#feat=iframe-seamless>

https://developer.mozilla.org/en/docs/Web/HTML/Element/iframe#attr-seamless <https://developer.mozilla.org/en/docs/Web/HTML/Element/iframe#attr-seamless>

Quite often I have some content (probably user provided html) that I'd like to isolate, and having an iframe which appears like a div (no frame or scrolling) was a perfect solution.


Received on Friday, 22 January 2016 16:58:12 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:54 UTC