[whatwg] Please consider dropping the "sandbox" attribute from the <iframe> element
w3c at adambarth.com
Sun Aug 1 21:31:26 PDT 2010
There's been a lot of security review, both on this list and in the
W3C HTML WG. I've been meaning to write up a summary of all the
discussion, but I haven't gotten around to it yet. We ended up
tweaking a few aspects, but generally the design seems solid.
On Sun, Aug 1, 2010 at 6:59 PM, Tantek Çelik <tantek at cs.stanford.edu> wrote:
> Summary: The new 'sandbox' feature on <iframe> should be considered
> for removal. It needs a security review, it will be a lot of work to
> implement properly, and may not actually solve the problem it is
> intending to solve.
> More details here:
> I encourage fellow web authors and browser implementers to add their
> opinions/comments to that wiki page.
> http://tantek.com/ - I made an HTML5 tutorial! http://tantek.com/html5
More information about the whatwg