[whatwg] Making cross-domain overlays more user-friendly

Boris Zbarsky bzbarsky at MIT.EDU
Fri Feb 5 14:46:20 PST 2010


On 2/5/10 5:40 PM, Rowan Nairn wrote:
> - don't introduce new security issues like susceptibility to phishing attacks
....

> - The main URL bar should display the framed URL i.e.
> http://destination-site.com/

I'm having a really really really hard time reconciling these two, 
especially in the cases when the <iframe main> is not actually visible 
(e.g. is visibility:hidden).

> - The browser should display some chrome around any elements from the
> overlay page that signify them as foreign to the framed content

Is this supposed to address the issue above?  If so the problem is, I'm 
not sure I see a good way to do this....  Then again, UI design is not 
my strong point.

-Boris



More information about the whatwg mailing list