- From: Ian Hickson <ian@hixie.ch>
- Date: Mon, 26 Mar 2012 22:19:32 +0000 (UTC)
On Mon, 26 Mar 2012, Boris Zbarsky wrote: > On 3/26/12 3:13 PM, Mounir Lamouri wrote: > > I do not like [PutForwards=value] but I still believe > > DOMSettableTokenList is useful. > > I think the issue in this case is that the DOMSettableTokenList > representation of the sandbox attribute, as specced, cannot distinguish > between "not sandboxed at all" and "sandboxed, with no loosening of any > restrictions". > > That makes it very difficult to use, in my opinion. Very easy to shoot > yourself in the foot. Changing it to a string doesn't affect that, though, does it? We can certainly add an attribute to DOMSettableTokenList (or rather, a descendant, for use specifically with iframe.sandbox) that does the same as .hasAttribute(), e.g.: iframe.sandbox.present ...or something, if that would help. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Monday, 26 March 2012 15:19:32 UTC