[whatwg] some thoughts on sandboxed IFRAMEs

Tab Atkins Jr. jackalmage at gmail.com
Mon Jan 25 15:47:42 PST 2010


On Mon, Jan 25, 2010 at 5:45 PM, Alex Russell <slightlyoff at google.com> wrote:
> Sorry I'm late to this discussion. Would like to add my objection to
> using attribute string escaping as a security "feature" in any way. I
> strongly prefer required nonces attached to opening and closing of
> sections.

Do you have any suggestions on how to fix the issues that have already
been raised against that?

~TJ


More information about the whatwg mailing list