[whatwg] Please disallow "javascript:" URLs in browser address bars

Ryosuke Niwa ryosuke.niwa at gmail.com
Fri Jul 23 11:36:05 PDT 2010

I second that call.  While your suggestion seems to prevent some existing
social engineering, you must realize that HTML5 isn't going to be
recommended until ~2020.  By that time, everything we talk about social
engineering today will be completely obsolete.  Things like this are best
left to be taken care by UA vendors.  I suggest that you write a formal
request and send it to major UA vendors such as Apple, Google, Microsoft,
Opera, etc...

On Fri, Jul 23, 2010 at 8:26 AM, João Eiras <joaoe at opera.com> wrote:

> On Thu, 22 Jul 2010 21:32:39 +0100, Luke Hutchison <luke.hutch at mit.edu>
> wrote:
>  [snip]
>> Comments, please?
> This is entirely out of scope of any specification and 100% an user agent
> UI issue.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20100723/ed1add49/attachment-0001.htm>

More information about the whatwg mailing list