[whatwg] framesets

On Wed, Oct 14, 2009 at 4:38 PM, Michael Enright
<michael.enright at gmail.com> wrote:
> No matter what display method you use, it sounds like an important
> requirement is to keep users from ever viewing the HTML of a row other
> than from your display app/page. It seems to me to achieve this you
> must not use URIs alone to fetch the row view that goes in the row's
> frame, because it's likely that the URI could be observed by a bad
> guy.

The page linked to earlier,
<http://www.artfulsoftware.com/infotree/mysqlquerytree.php>, seems to
use some kind of temporary URL that prevents this.

Received on Wednesday, 14 October 2009 13:54:44 UTC