On Wed, 23 Oct 2002 15:06:26 GMT, [EMAIL PROTECTED] (Lincoln Yeoh) wrote: >In general, I still think it would be useful to have a way to mark out >potentially dangerous content - snippets of HTML which may not be in total >control of the website. Whether using the proposed tag or some other better >method.
Clarification - I meant mark not mark out. And "potentially dangerous content" = content not fully originating from the website, or content that the site is not confident that is safe. So maybe my proposal could be changed to a more general approach: <shieldson lock="randomstring" allowed="keyword,keyword,keyword" /> disallowed material disabled <shieldsoff lock="randomstring"/> keywords: textonly = just text basic = basic formatting <em> <b> <i> <strong> tables = tables urls= plain <a href=""> no javascript etc images= plain images, no javascript etc. java=java javascript=javascript. The keywords/categories could depend on how browser parsers are organized. I'm not sure how easy this would be to implement. It's best to keep it simple and less bug prone - don't want a buffer overflow in a safety feature! Cheerio, Link.
