- From: Daniel Veditz <dveditz@mozilla.com>
- Date: Thu, 9 Jul 2015 08:28:03 -0700
- To: Mike West <mkwst@google.com>
- Cc: David Bruant <bruant.d@gmail.com>, Chris Coyier <chriscoyier@gmail.com>, WHAT Working Group Mailing List <whatwg@whatwg.org>, Boris Zbarsky <bzbarsky@mit.edu>, Alex Russell <slightlyoff@google.com>, Ian Hickson <ian@hixie.ch>
On Mon, Jul 6, 2015 at 2:47 AM, Mike West <mkwst@google.com> wrote: > I've dropped the opener/openee-disowning behavior from my proposal, > and renamed the sandboxing keyword to `allow-popups-to-escape-sandbox` in > > https://wiki.whatwg.org/index.php?title=Iframe_sandbox_improvments&diff=9958&oldid=9955 It appears that this new keyword as described would still require the use of allow-popups in addition to allow-popups-to-escape-sandbox. Since it doesn't make any sense on its own can you change it so that either keyword allows popups to happen? That it, propose changing [Set] The sandboxed auxiliary navigation browsing context flag <https://developers.whatwg.org/origin-0.html#sandboxed-auxiliary-navigation-browsing-context-flag>, unless tokens contains the allow-popups keyword. to [Set] The sandboxed auxiliary navigation browsing context flag <https://developers.whatwg.org/origin-0.html#sandboxed-auxiliary-navigation-browsing-context-flag>, unless tokens contains the allow-popups or *allow-popups-to-escape-sandbox* keyword. (might then require changing -to-escape- to -that-escape-) You question to bz was "can you live with it", and I can live with it. I wish it could be shorter, but my attempts (allow-popups-unsandboxed or allow-unsandboxed-popups) weren't much shorter. Keeping "allow popups" in there is good, especially if it can be used in place of regular allow-popups. using the word "sandbox" is better than anything about "auxiliary contexts". - Dan Veditz
Received on Thursday, 9 July 2015 15:28:30 UTC