[whatwg] HTML 5 : The Youtube response

On Wed, 30 Jun 2010 16:31:20 +0200, Tab Atkins Jr. <jackalmage at gmail.com>  
wrote:

> On Wed, Jun 30, 2010 at 2:35 AM, schalk <schalk at ossreleasefeed.com>  
> wrote:
>> Hi there,
>>
>> Has anyone/everyone read the blog entry on Youtube?s blog
>> (http://apiblog.youtube.com/2010/06/flash-and-html5-tag.html) regarding  
>> their
>> feeling about HTML5 video and why they still feel that Flash for video  
>> is the
>> preferred choice? I must say I do share some of their points. My  
>> question is,
>> what work is being done to remedy these points at the moment?
>
> So, for a quick recap, their problems are:
>
> 1. Standard video format
> 2. Robust video streaming
> 3. Content Protection
> 4. Encapsulation + embedding
> 5. Fullscreen video
> 6. Camera and Microphone access
>
> The blog itself successfully covers the current responses to 1, 2, 5,
> and 6.  #3 is a different story; it doesn't appear that anyone in this
> space is working on that or intends to.  And I'm happy with that.  #4
> is kind of silly - flash embedding doesn't protect anyone's private
> data - the plugin can do plenty of malicious stuff if it wants to.
> Spreading videos by embedding <script> tags would be equally safe.  I
> think people just don't realize that fact.  In any case, embedding
> videos via <iframe sandbox=allow-scripts> should work fine, once more
> browsers support it.
>
> ~TJ
>

What issues would there be with simply using <iframe> without sandboxing?  
What doesn't the cross-origin policy stop?

-- 
Philip J?genstedt
Core Developer
Opera Software

Received on Wednesday, 30 June 2010 08:14:37 UTC