On Mon, 30 Aug 2010 23:13:04 +0100, Justin Schuh <jsc...@chromium.org> wrote:
At least as currently drafted, srcdoc is not a security feature. It's a convenience feature. It is also designed to work well in tandem with a particular security feature (sandbox). But by itself, it is not a security feature.Data URLs already provide this.
What about existing UAs that implement data: URIs, but not sandbox? -- regards, Kornel