[whatwg] some thoughts on sandboxed IFRAMEs
Tab Atkins Jr.
jackalmage at gmail.com
Mon Jan 25 15:47:42 PST 2010
On Mon, Jan 25, 2010 at 5:45 PM, Alex Russell <slightlyoff at google.com> wrote:
> Sorry I'm late to this discussion. Would like to add my objection to
> using attribute string escaping as a security "feature" in any way. I
> strongly prefer required nonces attached to opening and closing of
> sections.
Do you have any suggestions on how to fix the issues that have already
been raised against that?
~TJ
More information about the whatwg
mailing list