W3C home > Mailing lists > Public > whatwg@whatwg.org > July 2010

[whatwg] Iframe dimensions

From: Aryeh Gregor <Simetrical+w3c@gmail.com>
Date: Tue, 6 Jul 2010 06:31:49 -0400
Message-ID: <AANLkTilQ3P6hhwrpr14n___yrUD-j0wEHQ4h7yYNElOS@mail.gmail.com>
On Tue, Jul 6, 2010 at 4:40 AM, Markus Ernst <derernst at gmx.ch> wrote:
> Thank you and Boris for your examples. I see the security issues. Anyway It
> would be very helpful in cases like mine, where security and privacy are not
> affected, to get an easy way to do this opt-in without the need of complex
> scripting, and independent from @seamless. Embedding content from external
> providers looks like a quite common case to me, and an easy opt-in mechanism
> would help both the customers and the providers of embedded content.

So what you're saying is that you really do just want seamless="" with
easy cross-origin opt-in, right?  That sounds entirely logical, and
I'm not sure why it's not specced already (or at least I don't see
it).  Could this be easily added to CORS?  CORS isn't so easy to set
up, of course, but I'm not sure it's practical to do better.  An HTML
tag would work, for HTML pages (the common case for iframes), but then
the UA wouldn't know whether it's allowed to be seamless until it
started parsing the response, which might have complications.

I don't know why you keep saying "independent from @seamless" without
giving any reason for it.  Seamless seems like exactly what you want.
Received on Tuesday, 6 July 2010 03:31:49 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:24 UTC