[whatwg] Please consider dropping the "sandbox" attribute from the <iframe> element

Ian Fette (イアンフェッティ) ifette at google.com
Sun Aug 1 19:08:22 PDT 2010


We (webkit/chrome) have had iframe sandbox implemented for over half a year.
We've found some bugs in implementation here and there and fixed them. It
solves a very real problem, has already been implemented, and your argument
provides absolutely no information. Can you elaborate?

On Sun, Aug 1, 2010 at 6:59 PM, Tantek Çelik <tantek at cs.stanford.edu> wrote:

> Summary: The new 'sandbox' feature on <iframe> should be considered
> for removal. It needs a security review, it will be a lot of work to
> implement properly, and may not actually solve the problem it is
> intending to solve.
>
> More details here:
>
> http://wiki.whatwg.org/wiki/Iframe_Sandbox
>
> I encourage fellow web authors and browser implementers to add their
> opinions/comments to that wiki page.
>
> Thanks!
>
> Tantek
>
> --
> http://tantek.com/ - I made an HTML5 tutorial! http://tantek.com/html5
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20100801/c97b4c42/attachment-0002.htm>


More information about the whatwg mailing list