[whatwg] Please consider dropping the "sandbox" attribute from the <iframe> element

Adam Barth w3c at adambarth.com
Sun Aug 1 21:31:26 PDT 2010


There's been a lot of security review, both on this list and in the
W3C HTML WG.  I've been meaning to write up a summary of all the
discussion, but I haven't gotten around to it yet.  We ended up
tweaking a few aspects, but generally the design seems solid.

Adam


On Sun, Aug 1, 2010 at 6:59 PM, Tantek Çelik <tantek at cs.stanford.edu> wrote:
> Summary: The new 'sandbox' feature on <iframe> should be considered
> for removal. It needs a security review, it will be a lot of work to
> implement properly, and may not actually solve the problem it is
> intending to solve.
>
> More details here:
>
> http://wiki.whatwg.org/wiki/Iframe_Sandbox
>
> I encourage fellow web authors and browser implementers to add their
> opinions/comments to that wiki page.
>
> Thanks!
>
> Tantek
>
> --
> http://tantek.com/ - I made an HTML5 tutorial! http://tantek.com/html5
>



More information about the whatwg mailing list