W3C home > Mailing lists > Public > whatwg@whatwg.org > January 2007

[whatwg] Sandboxing scripts in pages

From: James M Snell <jasnell@gmail.com>
Date: Fri, 12 Jan 2007 13:30:05 -0800
Message-ID: <45A7FDDD.3070108@gmail.com>

Anne van Kesteren wrote:
>> Frames are a terrible solution. The content is after all a part of the
>> page it's hosted in, but we want to sandbox it to make sure it can't
>> do any harm.
> The proposed alternative is severely underdefined and won't work for the
> foreseeable future anyway.
> [snip]

Minor nit:

  s/proposed alternative/simple strawman to illustrate the point/

I just want the behavior or something that comes close without
necessarily having to resort to aggressive filtering.  That is, I don't
necessarily want to eliminate scripts from the comments, I just want to
be able to limit their impact.

Either way, I'm fully aware that any new invention here would take a
while to actually work.

- James
Received on Friday, 12 January 2007 13:30:05 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:58:51 UTC