[whatwg] Making cross-domain overlays more user-friendly

Rowan Nairn rnairn at gmail.com
Fri Feb 5 14:57:40 PST 2010

On Fri, Feb 5, 2010 at 2:46 PM, Boris Zbarsky <bzbarsky at mit.edu> wrote:
> On 2/5/10 5:40 PM, Rowan Nairn wrote:
>> - don't introduce new security issues like susceptibility to phishing
>> attacks
> ....
>> - The main URL bar should display the framed URL i.e.
>> http://destination-site.com/
> I'm having a really really really hard time reconciling these two,
> especially in the cases when the <iframe main> is not actually visible (e.g.
> is visibility:hidden).
>> - The browser should display some chrome around any elements from the
>> overlay page that signify them as foreign to the framed content
> Is this supposed to address the issue above?  If so the problem is, I'm not
> sure I see a good way to do this....  Then again, UI design is not my strong
> point.

Yes it is and yes you are right, my proposal is vague on that account.
 I don't have a good suggestion yet which would both provide enough
context to the user and not look horrible.  One way would be
displaying the URL of the overlay page next to any overlaid elements
along with an outline.  Maybe someone has a better idea?


More information about the whatwg mailing list