- From: Ian Hickson <ian@hixie.ch>
- Date: Mon, 15 Nov 2010 22:16:48 +0000 (UTC)
On Mon, 15 Nov 2010, Tab Atkins Jr. wrote: > > I'm not sure why making this case marginally more convenient is > important. If you're going to be pointing the frame to real pages > anyway, why is it a burden to supply an initial page? It's a latency round-trip perf improvement on page load time. > @srcdoc wasn't designed to support author-authored (hah!) pages; if > that's a use-case we were aiming for we would have let <iframe> display > its contents when there's no @src, or similar. That would break existing pages and would not be as safe in the sandboxing case as srcdoc="". Providing both syntaxes seems excessive, and would likely result in people using the wrong one when they need security. > Markup in attributes is a definite antipattern that we're violating in > this particular case only because it's the simplest thing for authors, > and thus the most likely to be done right. I don't really agree that it's an antipattern. There are certainly situations where it's a bad idea to put markup in a string context, but that's primarily because it can't be syntax checked (e.g. DTDs can't check markup in an attribute; innerHTML is bad because there's no good way to syntax-check the contents of a string constant in JS; etc). If you can get it to be syntax-checked (as we have with srcdoc='', and as E4X does for XML constants in JS) then I don't really see a problem. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Monday, 15 November 2010 14:16:48 UTC