- From: David Woolley <david@djwhome.demon.co.uk>
- Date: Thu, 22 Aug 2002 11:14:36 +0100
- To: <www-html@w3.org>
> <!ATTLIST ...
> trust (trusted|marginal|untrusted) trusted
> >
I like this much better than an element. This does seem to
be attribute, rather than element material (i.e. out of band).
> untrusted:
> scripting elements will be ignored
I don't think the specification should specify how the attribute should be
handled, only explain the degree of confidence implied. An equally good
browser implementation might be to force the IE security zone down one or
two levels, but let the user decide what they allow for those levels.
Whilst, in this modified form, it might be legally safer (IANAL) than non-language
alternatives (you are not telling the user what they have to do to be safe), my
view is that much better approaches would be:
1) not to use technologies that you consider unsafe, even in your part (unless you
expect your site to be in the equvialent of the IE trusted zone, the user may have
to enable them for your site and leave them on for the next, less trustworthy one);
2) parse out the HTML and regenerate it with well formed structure and only the
attributes that you consider safe.
Received on Thursday, 22 August 2002 06:15:44 UTC