[whatwg] Content Restrictions
gerv at mozilla.org
Mon Mar 6 02:48:08 PST 2006
Alexey Feldgendler wrote:
> I never said that the website won't have to do HTML cleaning for
> user-supplied content. But with HTML 5 reference parsing algorithm, such
> cleaning is going to be much easier and straightforward: parse the text
> into DOM (as if it was inside BODY, for example), remove or modify
> forbidden elements, then serialize it. That way, </SANDBOX> will be
> ignored as an easy parse error because it doesn't match an opening tag
> within the user-supplied text. An unclosed comment will be ignored, too.
Er, what defines "the user-supplied content"? Surely it's the <SANDBOX>
tags? So how can you say "A </SANDBOX> inside the user-supplied content
will be ignored", as you don't know whether a </SANDBOX> you encounter
is the end of the sandbox or not?
Or are you suggesting that only one sandbox per page is allowed, and the
user agent should use the outermost </SANDBOX> tag?
More information about the whatwg