- From: Alexey Feldgendler <alexey@feldgendler.ru>
- Date: Mon, 14 May 2007 22:19:06 +0200
On Mon, 14 May 2007 22:02:42 +0200, Jon Barnett <jonbarnett at gmail.com> wrote: >>> I'd treat these two problems as equally important. A separate HTTP >>> request per forum comment on the page is completely unacceptable. >> What about encoding the content of each comment iframe in a "data:" URI? > The contents of an iframe with a data: URI source should be trusted, > unlike > an iframe with an http: URI source from another domain. A script in an > iframe with a data: URI source should, by default, be able to communicate > with the parent window. So, that alone doesn't solve the problem. Not to mention that data: URIs are ugly, wasteful (because of the BASE64 encoding), cannot be read and written by humans directly, and have maximum length problems in some implementations. -- Alexey Feldgendler <alexey at feldgendler.ru> [ICQ: 115226275] http://feldgendler.livejournal.com
Received on Monday, 14 May 2007 13:19:06 UTC