Re: Proposal: content-size value for 'height'

On Jul 16, 2008, at 4:50 PM, L. David Baron wrote:

> On Wednesday 2008-07-16 19:04 -0400, Michael A. Puls II wrote:
>>
>> Problem: Make an iframe or object's height expand to the height of  
>> its content
>>
>> Not a solution: height: 100%
>
> There's considerable discussion of this in
> https://bugzilla.mozilla.org/show_bug.cgi?id=80713 .
>
> Note that there are potential security issues because the size of
> the content of a page potentially leaks information (e.g., whether
> you're logged in to a site, etc.).

Overblown concerns, if you ask me, considering the obvious value of  
having iframes or other sub-documents that would be displayed  
appropriately without scrollbars. In theory, a picture can be a  
different size depending on if you are logged in, but that doesn't  
seem to disturb anyone. Those who have sign-on pages that they don't  
want explointed are already including JavaScript to block framing.

Received on Thursday, 17 July 2008 04:07:13 UTC