Re: Tag to disable unwanted features? from Lincoln Yeoh on 2007-08-10 (www-html@w3.org from August 2007)

From: Lincoln Yeoh <lyeoh@pop.jaring.my>
Date: Sat, 11 Aug 2007 00:58:00 +0800
To: David Woolley <forums@david-woolley.me.uk>, www-html@w3.org
Message-Id: <200708101701.l7AH1Vrc039949@smtp4.jaring.my>

At 03:05 PM 8/10/2007, David Woolley wrote:

>Lincoln Yeoh wrote:
>>I think it's way overdue to have a security oriented tag to disable 
>>unwanted features. I proposed something like this here 5 years ago 
>>(2002), and I'm back here to propose it again.
>
>Where were you when Google implemented this wrongly, by using 
>attributes on links that were potentially link spam because they 
>were third party sourced?

Where? Doing a bit of IT security work. Not in Google of course. Not 
as if I'd be smart or hardworking enough to find the Nth prime in the 
digits of e and stuff like that :).

>>Recap on why such tags are needed:
>
>I presume you mean element, not tag.
>
>In a semantic language, like XHTML (your examples are for XHTML, not 
>HTML), you should not attempt to tell the browser what to do, you 
>should  simply tell it that some content is from an unvetted third 
>party source.

OK, please assume whatever will be used most by browsers. In a 
previous proposal 5 years back I tried to give examples in an HTML 
style (broken HTML probably), but was told to use an XHTML style. :)

>As noted, you should not be marking up documents with technology 
>specific directives.
>
>Ouch.  Shades of tag soup.  You have created elements that behave 
>like tag soup use of mis-nested open and close tags.  If  you really 
>want to do that sort of thing, you should use processing instructions, instead.
>
>However, especially as you are already assuming the use of XHTML, 
>you should simply check the enclosed content for well formedness and 
>then set an appropriate untrusted attribute on the containing element.
>
>Incidentally, as Google have demonstrated, a elements are not part 
>of safe HTML, so there is no H in safe HTML!

Thanks for your response.

I would like to clarify that my main intention here is to point out 
that the "car" (HTML) needs "brakes". I'm pretty sure they're needed.

I'm not too bothered what form they take, just so long as HTML gets 
safe and useful brakes ASAP.

The browser and website creators definitely need a bit more help from 
the w3c to make things safer, it's not enough to tell them "here's 
feature XYZ, BTW you should do things safely and deploy the airbags 
(throw a security exception) when bad stuff happens".

Since I'm far from an expert[1] in this area, I'm hoping that the 
expert "car designers" here would know where best to put the brakes 
and how they should look, behave and be controlled.

Regards,
Link.

[1] That said, I do know how to use <a href="?foo">bar</a> to link to 
a new page without resorting to using javascript or flash ;).

Received on Friday, 10 August 2007 17:02:07 UTC