W3C home > Mailing lists > Public > whatwg@whatwg.org > August 2010

[whatwg] Please consider dropping the "sandbox" attribute from the <iframe> element

From: Ian Fette <ifette@google.com>
Date: Sun, 1 Aug 2010 19:08:22 -0700
Message-ID: <AANLkTimtaHQ7gGC=ST+UUZrN26k0RtJs0h5o9WHat66Y@mail.gmail.com>
We (webkit/chrome) have had iframe sandbox implemented for over half a year.
We've found some bugs in implementation here and there and fixed them. It
solves a very real problem, has already been implemented, and your argument
provides absolutely no information. Can you elaborate?

On Sun, Aug 1, 2010 at 6:59 PM, Tantek ?elik <tantek at cs.stanford.edu> wrote:

> Summary: The new 'sandbox' feature on <iframe> should be considered
> for removal. It needs a security review, it will be a lot of work to
> implement properly, and may not actually solve the problem it is
> intending to solve.
> More details here:
> http://wiki.whatwg.org/wiki/Iframe_Sandbox
> I encourage fellow web authors and browser implementers to add their
> opinions/comments to that wiki page.
> Thanks!
> Tantek
> --
> http://tantek.com/ - I made an HTML5 tutorial! http://tantek.com/html5
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20100801/c97b4c42/attachment.htm>
Received on Sunday, 1 August 2010 19:08:22 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:25 UTC