W3C home > Mailing lists > Public > whatwg@whatwg.org > October 2009

[whatwg] framesets

From: Aryeh Gregor <Simetrical+w3c@gmail.com>
Date: Wed, 14 Oct 2009 16:54:44 -0400
Message-ID: <7c2a12e20910141354k6d0144d0hd86faf039ab0ec2a@mail.gmail.com>
On Wed, Oct 14, 2009 at 4:38 PM, Michael Enright
<michael.enright at gmail.com> wrote:
> No matter what display method you use, it sounds like an important
> requirement is to keep users from ever viewing the HTML of a row other
> than from your display app/page. It seems to me to achieve this you
> must not use URIs alone to fetch the row view that goes in the row's
> frame, because it's likely that the URI could be observed by a bad
> guy.

The page linked to earlier,
<http://www.artfulsoftware.com/infotree/mysqlquerytree.php>, seems to
use some kind of temporary URL that prevents this.
Received on Wednesday, 14 October 2009 13:54:44 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:18 UTC