I wanted to suggest a globalized standard for isolating document contents within all presentation layer web environments. Something along the lines of <!—[ISOLATE trust=’minimum’ valid-sources=URL( https://document-sources.mysite.com/myClient.xml )] --> Which would negate access for any external scripts to interact with document contents (for example, a banner advertisement harvesting data from a contact list). Perhaps as a precautionary measure as well, the banner scripts could be preceded with: <!—[ISOLATE trust=’none’ ]--> To force a new process that does not have access to any but minimal presentation layer options. This may prevent advertisers from injecting spyware onto target operating systems.
