- From: Jonas Sicking <jonas@sicking.cc>
- Date: Fri, 27 Apr 2007 03:34:24 -0700
Christian Schmidt wrote: > Jonas Sicking wrote: >> The idea is basically an element like <iframe> but that renders the >> linked page, instead of inside a square area, in flow with the main >> page. > This is actually useful not only in Ajax-like applications like the ones > suggested in your example but also in more static pages as a replacement > for server-side includes. Client-side includes make it easier to make > sites that are made up data from different sources. Most developers > prefer to avoid server-site includes in favour of letting clients > request the resource directly. > > Some sites may choose to serve the top-level navigation from one central > place, even though the site is made up of several subsites hosted on > different servers and platforms by different hosting companies. The > <include> element could be used to include the top-level navigation on > each of the subsites. Also, content from different subsites could be > aggregated on one overview page using <include>. > > Ad banners are usually served from a seperate server. Banners with fixed > proportions are probably better served using an IFRAME, but e.g. > Google's text-ads may vary in size and could benefit from being a part > of the page. Note that for security reasons we can't allow the <include> to point to servers other than that of the including page. Otherwise it would be possible to pull information out of documents on another server by using a fragment identifier. For example, the following could be used to see how many bank transactions a user has done in the past month: <include src="http://citibank.com/cgi/transactions.phptranstable"> obviously that is a made up url, but you get the general idea. It is possible that we could overcome this using the access control specification, but I haven't looked into if that would actually work. / jonas
Received on Friday, 27 April 2007 03:34:24 UTC