[whatwg] The <iframe> element and sandboxing ideas

Edward Z. Yang edwardzyang at thewritingpot.com
Wed Jul 23 18:29:54 PDT 2008

Frode Børli wrote:
> <td colspan='javascript(a + 5)'></td>
> Where a javascript returns the value in the colspan attribute. Many
> server side HTML sanitizers would have to be updated - unless we
> introduce a proper sandbox.

Or the HTML sanitizer could have done things properly and checked if
colspan was a numeric value. :-)

Disclaimer: I am one of those authors of server side HTML sanitizers you
speak of.

More information about the whatwg mailing list