W3C home > Mailing lists > Public > whatwg@whatwg.org > July 2011

[whatwg] Iframe Sandbox Attribute - allow-plugins?

From: Adam Barth <w3c@adambarth.com>
Date: Wed, 13 Jul 2011 13:31:19 -0700
Message-ID: <CAJE5ia-vbPhDXZ17VtxA9zVs5D_fCYzfniqhr+YLwVxCN4E0cQ@mail.gmail.com>
Adding allow-plugins today would defeat the prevention of parent redirection.

The short answer is we need an API for informing plugins of the
sandbox flags and a way of confirming that the plugins understand
those bits before we can allow plugins inside sandboxed frames.

Adam


On Wed, Jul 13, 2011 at 12:53 PM, John Richards
<johnmrrichards at gmail.com> wrote:
> http://www.whatwg.org/specs/web-apps/current-work/multipage/the-iframe-element.html#attr-iframe-sandbox
>
> Are there plans to have an 'allow-plugins' value?
>
> I'm assuming there will be use-cases where the only protection that is
> desired is prevention of parent redirection.
>
> Thanks
>
Received on Wednesday, 13 July 2011 13:31:19 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:34 UTC