[whatwg] The problem of duplicate ID as a security issue
Alexey Feldgendler
alexey at feldgendler.ru
Fri Jun 8 00:39:17 PDT 2007
On Fri, 08 Jun 2007 08:13:07 +0200, Ian Hickson <ian at hixie.ch> wrote:
>>> True. I don't have a good solution to this that doesn't involve code
>>> on the server-side, though.
>> Some form of sandboxing would be one.
> If sandboxing would solve it then I'll treat this issue as closed and
> deal with the sandboxing problems separately.
Only some form of sandboxing would solve this, not any form. To solve this
issue, the sandboxing solution has to meet additional an requirement:
addressability of content in sandboxes, possibly using a qualified form
(e.g. URL#sandboxID+innerID).
--
Alexey Feldgendler <alexey at feldgendler.ru>
[ICQ: 115226275] http://feldgendler.livejournal.com
More information about the whatwg
mailing list