[whatwg] Security: emphasize that subdomain is not enough for user provided scriptable content

2018-08-28 Thread Mikko Rantalainen
The page https://html.spec.whatwg.org/dev/iframe-embed-object.html contains an example that has "usercontent.example.net" instead of e.g. "video.example.com" used in the same chapter. It does have a warning saying It is important to use a separate domain so that if the attacker convinces

Re: [whatwg] Security: emphasize that subdomain is not enough for user provided scriptable content

2018-08-28 Thread Jonathan Zuckerman
These domains are used specifically because they are reserved for that use - https://www.iana.org/domains/reserved
If a non-reserved domain is used, it could be bought up by anyone and have its content changed to something not appropriate for linking from official spec documents. The note is

[whatwg] [CSSWG][css-display-3] CR of CSS Display Level 3

2018-08-28 Thread fantasai
model https://www.w3.org/TR/2018/CR-css-display-3-20180828/#intro
* Definitions for blockification and inlinification https://www.w3.org/TR/2018/CR-css-display-3-20180828/#transformations
* A glossary of key box model terms (largely extracted from CSS2.1) https://www.w3.org/TR/2018/CR