- From: Gervase Markham <gerv@mozilla.org>
- Date: Mon, 06 Mar 2006 10:48:08 +0000
Alexey Feldgendler wrote: > I never said that the website won't have to do HTML cleaning for > user-supplied content. But with HTML 5 reference parsing algorithm, such > cleaning is going to be much easier and straightforward: parse the text > into DOM (as if it was inside BODY, for example), remove or modify > forbidden elements, then serialize it. That way, </SANDBOX> will be > ignored as an easy parse error because it doesn't match an opening tag > within the user-supplied text. An unclosed comment will be ignored, too. Er, what defines "the user-supplied content"? Surely it's the <SANDBOX> tags? So how can you say "A </SANDBOX> inside the user-supplied content will be ignored", as you don't know whether a </SANDBOX> you encounter is the end of the sandbox or not? Or are you suggesting that only one sandbox per page is allowed, and the user agent should use the outermost </SANDBOX> tag? Gerv
Received on Monday, 6 March 2006 02:48:08 UTC