Skip to site navigation (Press enter)
Re: [whatwg] The
element and sandboxing ideas</span></a></span> </h1> <p class="darkgray font13"> <span class="sender pipe"><a href="/search?l=whatwg@lists.whatwg.org&q=from:%22Adam+Barth%22" rel="nofollow"><span itemprop="author" itemscope itemtype="http://schema.org/Person"><span itemprop="name">Adam Barth</span></span></a></span> <span class="date"><a href="/search?l=whatwg@lists.whatwg.org&q=date:20090213" rel="nofollow">Fri, 13 Feb 2009 15:50:50 -0800</a></span> </p> </div> <div itemprop="articleBody" class="msgBody"> <!--X-Body-of-Message--> <pre>On Fri, Feb 13, 2009 at 3:06 PM, Ian Hickson <i...@hixie.ch> wrote: > Indeed. If someone can come up with a way of making this work in legacy > UAs, I'd certainly be happy to change the spec to do that.</pre><pre> Here's a suggestion. When requesting the contents of a sandboxed iframe, send an HTTP header that contains the sandbox policy: X-HTML-Sandbox-Policy: allow-forms, allow-scripts Servers can decide not to serve untrusted content if they don't see a sandbox policy they like. Adam </pre> </div> <div class="msgButtons margintopdouble"> <ul class="overflow"> <li class="msgButtonItems"><a class="button buttonleft " accesskey="p" href="msg13646.html">Previous message</a></li> <li class="msgButtonItems textaligncenter"><a class="button" accesskey="c" href="thrd5.html#13649">View by thread</a></li> <li class="msgButtonItems textaligncenter"><a class="button" accesskey="i" href="mail5.html#13649">View by date</a></li> <li class="msgButtonItems textalignright"><a class="button buttonright " accesskey="n" href="msg14521.html">Next message</a></li> </ul> </div> <a name="tslice"></a> <div class="tSliceList margintopdouble"> <ul class="icons monospace"> <li class="icons-email"><span class="subject"><a href="msg13645.html">Re: [whatwg] The <iframe> element and sandboxing ideas</a></span> <span class="sender italic">Ian Hickson</span></li> <li><ul> <li class="icons-email"><span class="subject"><a href="msg13646.html">Re: [whatwg] The <iframe> element and sandboxing id...</a></span> <span class="sender italic">Ian Hickson</span></li> <li><ul> <li class="icons-email tSliceCur"><span class="subject">Re: [whatwg] The <iframe> element and sandboxin...</span> <span class="sender italic">Adam Barth</span></li> <li><ul> <li class="icons-email"><span class="subject"><a href="msg14521.html">Re: [whatwg] The <iframe> element and sandb...</a></span> <span class="sender italic">Ian Hickson</span></li> </ul></li> </ul></li> <li class="icons-email"><span class="subject"><a href="msg13647.html">Re: [whatwg] The <iframe> element and sandboxing id...</a></span> <span class="sender italic">Ian Hickson</span></li> <li class="icons-email"><span class="subject"><a href="msg13648.html">Re: [whatwg] The <iframe> element and sandboxing id...</a></span> <span class="sender italic">Ian Hickson</span></li> <li class="icons-email"><span class="subject"><a href="msg13653.html">Re: [whatwg] The <iframe> element and sandboxing id...</a></span> <span class="sender italic">Ian Hickson</span></li> <li class="icons-email"><span class="subject"><a href="msg13654.html">Re: [whatwg] The <iframe> element and sandboxing id...</a></span> <span class="sender italic">Ian Hickson</span></li> <li class="icons-email"><span class="subject"><a href="msg13668.html">Re: [whatwg] The <iframe> element and sandboxing id...</a></span> <span class="sender italic">Ian Hickson</span></li> <li class="icons-email"><span class="subject"><a href="msg13669.html">Re: [whatwg] The <iframe> element and sandboxing id...</a></span> <span class="sender italic">Ian Hickson</span></li> </ul> </ul> </div> <div class="overflow msgActions margintopdouble"> <div class="msgReply" > <h2> Reply via email to </h2> <form method="POST" action="/mailto.php"> <input type="hidden" name="subject" value="Re: [whatwg] The <iframe> element and sandboxing ideas"> <input type="hidden" name="msgid" value="7789133a0902131550l33a5d69cgaaf456cf1c92f097@mail.gmail.com"> <input type="hidden" name="relpath" value="whatwg@lists.whatwg.org/msg13649.html"> <input type="submit" value=" Adam Barth "> </form> </div> </div> </div> <div class="aside" role="complementary"> <div class="logo"> <a href="/"><img src="/logo.png" width=247 height=88 alt="The Mail Archive"></a> </div> <form class="overflow" action="/search" method="get"> <input type="hidden" name="l" value="whatwg@lists.whatwg.org"> <label class="hidden" for="q">Search the site</label> <input class="submittext" type="text" id="q" name="q" placeholder="Search whatwg"> <input class="submitbutton" name="submit" type="image" src="/submit.png" alt="Submit"> </form> <div class="nav margintop" id="nav" role="navigation"> <ul class="icons font16"> <li class="icons-home"><a href="/">The Mail Archive home</a></li> <li class="icons-list"><a href="/whatwg@lists.whatwg.org/">whatwg - all messages</a></li> <li class="icons-about"><a href="/whatwg@lists.whatwg.org/info.html">whatwg - about the list</a></li> <li class="icons-expand"><a href="/search?l=whatwg@lists.whatwg.org&q=subject:%22Re%5C%3A+%5C%5Bwhatwg%5C%5D+The+%3Ciframe%3E+element+and+sandboxing+ideas%22&o=newest&f=1" title="e" id="e">Expand</a></li> <li class="icons-prev"><a href="msg13646.html" title="p">Previous message</a></li> <li class="icons-next"><a href="msg14521.html" title="n">Next message</a></li> </ul> </div> <div class="listlogo margintopdouble"> </div> <div class="margintopdouble"> </div> </div> </div> <div class="footer" role="contentinfo"> <ul> <li><a href="/">The Mail Archive home</a></li> <li><a href="/faq.html#newlist">Add your mailing list</a></li> <li><a href="/faq.html">FAQ</a></li> <li><a href="/faq.html#support">Support</a></li> <li><a href="/faq.html#privacy">Privacy</a></li> <li class="darkgray">7789133a0902131550l33a5d69cgaaf456cf1c92f097@mail.gmail.com</li> </ul> </div> </body> </html>