[whatwg] iframe sandbox attribute

[Boris Zbarsky]

On 3/26/12 3:13 PM, Mounir Lamouri wrote:
> I do not like [PutForwards=value] but I still believe
> DOMSettableTokenList is useful.

I think the issue in this case is that the DOMSettableTokenList 
representation of the sandbox attribute, as specced, cannot distinguish 
between "not sandboxed at all" and "sandboxed, with no loosening of any 
restrictions".

That makes it very difficult to use, in my opinion.  Very easy to shoot 
yourself in the foot.

-Boris