[whatwg] Dealing with UI redress vulnerabilities inherent to the current web

Elliotte Harold elharo at metalab.unc.edu
Fri Sep 26 08:31:33 PDT 2008


Kristof Zelechovski wrote:
> Prohibiting third-party embedded content would disable media embedded in
> blogs.


Absolutely false. The media simply needs to be served from the same host 
the blog itself is. This is how almost all the media in my blogs works 
today. What little content comes from a 3rd party site in my blogs 
(mostly from laziness) could easily be moved to the sites that serve the 
blogs.

-- 
Elliotte Rusty Harold  elharo at metalab.unc.edu
Refactoring HTML Just Published!
http://www.amazon.com/exec/obidos/ISBN=0321503635/ref=nosim/cafeaulaitA



More information about the whatwg mailing list