[html5] r1652 - /

whatwg at whatwg.org whatwg at whatwg.org
Tue May 20 21:32:03 PDT 2008 

Author: ianh
Date: 2008-05-20 21:32:02 -0700 (Tue, 20 May 2008)
New Revision: 1652

Modified:
   index
   source
Log:
[e] (0) Uh. Forgot the sandbox attribute... I guess that's the biggest security risk with this... (also, seamless DOM attribute was the wrong type on the interface)

Modified: index
===================================================================
--- index	2008-05-21 03:51:21 UTC (rev 1651)
+++ index	2008-05-21 04:32:02 UTC (rev 1652)
@@ -14193,7 +14193,7 @@
            attribute DOMString <a href="#src2" title=dom-iframe-src>src</a>;
            attribute DOMString <a href="#name2" title=dom-iframe-name>name</a>;
            attribute DOMString <a href="#sandbox0" title=dom-iframe-sandbox>sandbox</a>;
-           attribute DOMString <a href="#seamless1" title=dom-iframe-seamless>seamless</a>;<!--
+           boolean DOMString <a href="#seamless1" title=dom-iframe-seamless>seamless</a>;<!--
   readonly attribute Document <span title="dom-iframe-contentDocument">contentDocument</span>;
   readonly attribute <span>Window</span> <span title="dom-iframe-contentWindow">contentWindow</span>;-->
 };</pre>
@@ -14388,7 +14388,7 @@
     windows it itself embeds).</p>
 
    <pre><p>We're not scared of you! Here is your content, unedited:</p>
-<iframe src="getusercontent.cgi?id=12193"></iframe></pre>
+<iframe sandbox src="getusercontent.cgi?id=12193"></iframe></pre>
 
    <p>Note that cookies are still send to the server in the <code
     title="">getusercontent.cgi</code> request, though they are not visible

Modified: source
===================================================================
--- source	2008-05-21 03:51:21 UTC (rev 1651)
+++ source	2008-05-21 04:32:02 UTC (rev 1652)
@@ -12215,7 +12215,7 @@
            attribute DOMString <span title="dom-iframe-src">src</span>;
            attribute DOMString <span title="dom-iframe-name">name</span>;
            attribute DOMString <span title="dom-iframe-sandbox">sandbox</span>;
-           attribute DOMString <span title="dom-iframe-seamless">seamless</span>;<!--
+           boolean DOMString <span title="dom-iframe-seamless">seamless</span>;<!--
   readonly attribute Document <span title="dom-iframe-contentDocument">contentDocument</span>;
   readonly attribute <span>Window</span> <span title="dom-iframe-contentWindow">contentWindow</span>;-->
 };</pre>
@@ -12432,7 +12432,7 @@
    embeds).</p>
 
    <pre><p>We're not scared of you! Here is your content, unedited:</p>
-<iframe src="getusercontent.cgi?id=12193"></iframe></pre>
+<iframe sandbox src="getusercontent.cgi?id=12193"></iframe></pre>
 
    <p>Note that cookies are still send to the server in the <code
    title="">getusercontent.cgi</code> request, though they are not

More information about the Commit-Watchers mailing list