[whatwg] Dealing with UI redress vulnerabilities inherent to the current web

Kristof Zelechovski wrote:
> Prohibiting third-party embedded content would disable media embedded in
> blogs.


Absolutely false. The media simply needs to be served from the same host 
the blog itself is. This is how almost all the media in my blogs works 
today. What little content comes from a 3rd party site in my blogs 
(mostly from laziness) could easily be moved to the sites that serve the 
blogs.

-- 
Elliotte Rusty Harold  elharo at metalab.unc.edu
Refactoring HTML Just Published!
http://www.amazon.com/exec/obidos/ISBN=0321503635/ref=nosim/cafeaulaitA

Received on Friday, 26 September 2008 08:31:33 UTC