[whatwg] External document subset support

You can easily include a cross-domain script using a cross-domain DTD; just
attach the malware as 

<!ATTLIST body onload CDATA "{ sniper.shoot(); }" > 

and hope for the worst.

Chris

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20090619/e3ea272e/attachment.htm>

Received on Friday, 19 June 2009 04:06:39 UTC