[whatwg] Please disallow "javascript:" URLs in browser address bars
Ryosuke Niwa
ryosuke.niwa at gmail.com
Fri Jul 23 11:36:05 PDT 2010
I second that call. While your suggestion seems to prevent some existing
social engineering, you must realize that HTML5 isn't going to be
recommended until ~2020. By that time, everything we talk about social
engineering today will be completely obsolete. Things like this are best
left to be taken care by UA vendors. I suggest that you write a formal
request and send it to major UA vendors such as Apple, Google, Microsoft,
Opera, etc...
On Fri, Jul 23, 2010 at 8:26 AM, João Eiras <joaoe at opera.com> wrote:
> On Thu, 22 Jul 2010 21:32:39 +0100, Luke Hutchison <luke.hutch at mit.edu>
> wrote:
>
> [snip]
>>
>> Comments, please?
>>
>
> This is entirely out of scope of any specification and 100% an user agent
> UI issue.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20100723/ed1add49/attachment.htm>
More information about the whatwg
mailing list