Re: [whatwg] Proposal: Two changes to iframe@sandbox from Mike West on 2015-06-23 (public-whatwg-archive@w3.org from June 2015)

From: Mike West <mkwst@google.com>
Date: Tue, 23 Jun 2015 11:14:17 +0200
To: WHAT Working Group Mailing List <whatwg@whatwg.org>
Cc: Chris Coyier <chriscoyier@gmail.com>, David Bruant <bruant.d@gmail.com>, Ian Hickson <ian@hixie.ch>, Boris Zbarsky <bzbarsky@mit.edu>, Alex Russell <slightlyoff@google.com>
Message-ID: <CAKXHy=eybZUvHfnEqEPB8abgPbgfSz_o0quNELRZjuYY_5iYAA@mail.gmail.com>

After some conversation with bz (CC'd), I've slightly formalized the
description of the feature at
https://wiki.whatwg.org/wiki/Iframe_sandbox_improvments.

This is something that I'd like to ship in Chrome in the somewhat near
future. See the "Intent to Ship" at
https://groups.google.com/a/chromium.org/d/msg/blink-dev/wXbgxLu63Fo/YtsqkySmTWcJ.
Feedback, positive or negative, would be appreciated (either here or
there). :)

-mike

--
Mike West <mkwst@google.com>, @mikewest

Google Germany GmbH, Dienerstrasse 12, 80331 München,
Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der
Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth
Flores
(Sorry; I'm legally required to add this exciting detail to emails. Bleh.)

On Sun, May 17, 2015 at 8:59 PM, Mike West <mkwst@google.com> wrote:

> On Mon, May 11, 2015 at 6:11 AM, Mike West <mkwst@google.com> wrote:
>>
>> 2. Add a `allow-unsandboxed-auxiliary` keyword to those supported by the
>> `sandbox` attribute, which, when present, would allow auxiliary browsing
>> contexts created by `window.open` and `target="_blank"` links to create
>> clean browsing contexts, unaffected by the sandbox which spawned them.
>>
>
> This flag is in the latest Chrome Canary,
> behind chrome://flags/#enable-experimental-web-platform-features, if anyone
> is interested in playing with the feature.
>
> Given the generally positive response on this thread, WDYT about adding it
> to HTML, hixie@?
>
> I'd like to circle back to the `allow-modals` proposal once
> https://www.chromestatus.com/metrics/feature/timeline/popularity/767 hits
> stable and starts bringing in reliable data (~12 weeks). I'll ping the
> thread again then. :)
>
> -mike
>
> --
> Mike West <mkwst@google.com>, @mikewest
>
> Google Germany GmbH, Dienerstrasse 12, 80331 München,
> Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der
> Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth
> Flores
> (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)
>

Received on Tuesday, 23 June 2015 09:15:09 UTC