[e] (0) Uh. Forgot the sandbox attribute... I guess that's the bigges…

…t security risk with this... (also, seamless DOM attribute was the wrong type on the interface) git-svn-id: http://svn.whatwg.org/webapps@1652 340c8d12-0b0e-0410-8428-c7bf67bfef74
whatwg · May 21, 2008 · 0eab1dd · 0eab1dd
1 parent 97c2cf7
commit 0eab1dd
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/index b/index
@@ -14193,7 +14193,7 @@ the time Marco had stuck his tongue out...&lt;/p></pre>
            attribute DOMString <a href="#src2" title=dom-iframe-src>src</a>;
            attribute DOMString <a href="#name2" title=dom-iframe-name>name</a>;
            attribute DOMString <a href="#sandbox0" title=dom-iframe-sandbox>sandbox</a>;
-           attribute DOMString <a href="#seamless1" title=dom-iframe-seamless>seamless</a>;<!--
+           boolean DOMString <a href="#seamless1" title=dom-iframe-seamless>seamless</a>;<!--
   readonly attribute Document <span title="dom-iframe-contentDocument">contentDocument</span>;
   readonly attribute <span>Window</span> <span title="dom-iframe-contentWindow">contentWindow</span>;-->
 };</pre>
@@ -14388,7 +14388,7 @@ the time Marco had stuck his tongue out...&lt;/p></pre>
     windows it itself embeds).</p>
 
    <pre>&lt;p>We're not scared of you! Here is your content, unedited:&lt;/p>
-&lt;iframe src="getusercontent.cgi?id=12193">&lt;/iframe></pre>
+&lt;iframe sandbox src="getusercontent.cgi?id=12193">&lt;/iframe></pre>
 
    <p>Note that cookies are still send to the server in the <code
     title="">getusercontent.cgi</code> request, though they are not visible

diff --git a/source b/source
@@ -12215,7 +12215,7 @@ the time Marco had stuck his tongue out...&lt;/p></pre>
            attribute DOMString <span title="dom-iframe-src">src</span>;
            attribute DOMString <span title="dom-iframe-name">name</span>;
            attribute DOMString <span title="dom-iframe-sandbox">sandbox</span>;
-           attribute DOMString <span title="dom-iframe-seamless">seamless</span>;<!--
+           boolean DOMString <span title="dom-iframe-seamless">seamless</span>;<!--
   readonly attribute Document <span title="dom-iframe-contentDocument">contentDocument</span>;
   readonly attribute <span>Window</span> <span title="dom-iframe-contentWindow">contentWindow</span>;-->
 };</pre>
@@ -12432,7 +12432,7 @@ the time Marco had stuck his tongue out...&lt;/p></pre>
    embeds).</p>
 
    <pre>&lt;p>We're not scared of you! Here is your content, unedited:&lt;/p>
-&lt;iframe src="getusercontent.cgi?id=12193">&lt;/iframe></pre>
+&lt;iframe sandbox src="getusercontent.cgi?id=12193">&lt;/iframe></pre>
 
    <p>Note that cookies are still send to the server in the <code
    title="">getusercontent.cgi</code> request, though they are not