- From: Ian Hickson <ian@hixie.ch>
- Date: Sun, 24 Jan 2010 11:24:53 +0000 (UTC)
On Sun, 24 Jan 2010, Adam Barth wrote:
> On Sun, Jan 24, 2010 at 11:52 AM, Ian Hickson <ian at hixie.ch> wrote:
> > On Fri, 11 Dec 2009, Michal Zalewski wrote:
> >> 2.1) The ability to disable loading of external resources (images,
> >> scripts, etc) in the sandboxed document. The common usage scenario is
> >> when you do not want the displayed document to "phone home" for
> >> privacy reasons, for example in a web mail system.
> >
> > Good point. Should we make sandbox="" disable off-origin network
> > requests?
>
> In general, stopping malicious content from exfiltrating data isn't
> practical. For example, even including a single hyperlink is often
> sufficient to exfiltrate a large amount of data. In user agents that
> prefetch DNS, the user doesn't even need to click on the link.

Ok. Then I won't add it.

> > On Sun, 13 Dec 2009, Adam Barth wrote:
> >> I'm very interested in a solution that works for the following use
> >> cases:
> >>
> >> 1) A web page wants to display untrusted (i.e., restricted) HTML
> >> received via cross-site XMLHttpRequest or postMessage.
> >
> > Do you have a concrete use case for which <iframe> doesn't work?
>
> <iframe sandbox srcdoc> might work nicely for this use case, actually,
> especially because setting srcdoc from the DOM removes the need to
> escape ".

Cool.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
Received on Sunday, 24 January 2010 03:24:53 UTC
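
The srcdoc point discussed in the message above, as an added example that is not part of the original thread: when the untrusted HTML is written into markup, `&` and `"` have to be escaped inside the attribute value, whereas setting the attribute through the DOM takes the string as-is. All function names and the sample string are hypothetical and constructed for illustration.

```javascript
// Added example; names are hypothetical, not from the thread or any spec text.

// Markup path: the untrusted HTML sits inside a double-quoted attribute
// value, so & and " must be escaped. & goes first, otherwise the & of the
// freshly produced &quot; would be escaped a second time.
function escapeForSrcdocAttribute(html) {
  return String(html).replace(/&/g, "&amp;").replace(/"/g, "&quot;");
}

function sandboxedIframeMarkup(untrustedHtml) {
  return '<iframe sandbox srcdoc="' +
    escapeForSrcdocAttribute(untrustedHtml) +
    '"></iframe>';
}

// DOM path: setAttribute stores the string verbatim, with no attribute
// parsing step, so there is nothing to escape. The sandbox attribute is
// set before srcdoc and before the frame is attached, so the content is
// never loaded unsandboxed.
function renderUntrusted(doc, container, untrustedHtml) {
  const frame = doc.createElement("iframe");
  frame.setAttribute("sandbox", "");
  frame.setAttribute("srcdoc", String(untrustedHtml));
  container.appendChild(frame);
  return frame;
}

// Constructed sample of HTML as it might arrive via cross-site
// XMLHttpRequest or postMessage; it contains both characters that matter.
const SAMPLE_UNTRUSTED =
  '<p title="greeting">Hello & welcome</p>';
```

In a browser, `renderUntrusted(document, document.body, SAMPLE_UNTRUSTED)` uses the DOM path; `sandboxedIframeMarkup` is for code that emits HTML text instead.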