[prev in list] [next in list] [prev in thread] [next in thread]
List: html5-commit-watchers
Subject: [html5] r4623 - [e] (0) Add an example of srcdoc='' and some usage
From: whatwg () whatwg ! org
Date: 2010-01-24 6:45:28
Message-ID: 20100124064528.0D46E1C84004 () ps20323 ! dreamhostps ! com
[Download RAW message or body]
Author: ianh
Date: 2010-01-23 22:45:25 -0800 (Sat, 23 Jan 2010)
New Revision: 4623
Modified:
complete.html
index
source
Log:
[e] (0) Add an example of srcdoc='' and some usage notes.
Modified: complete.html
===================================================================
--- complete.html 2010-01-24 02:56:58 UTC (rev 4622)
+++ complete.html 2010-01-24 06:45:25 UTC (rev 4623)
@@ -19694,10 +19694,48 @@
<div class=example>
- <p class=XXX>example for srcdoc here</p>
+ <p>Here a blog uses the <code title=attr-iframe-srcdoc><a \
href=#attr-iframe-srcdoc>srcdoc</a></code> attribute in conjunction + with the \
<code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> and \
<code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code> \
attributes described + below to provide users of user agents that support this \
feature + with an extra layer of protection from script injection in the blog
+ post comments:</p>
+ <pre><article>
+ <h1>I got my own magazine!</h1>
+ <p>After much effort, I've finally found a publisher, and so now I
+ have my own magazine! Isn't that awesome?! The first issue will come
+ out in September, and we have articles about getting food, and about
+ getting in boxes, it's going to be great!</p>
+ <footer>
+ <p>Written by <a href="/users/cap">cap</a>.
+ <time pubdate>2009-08-21T23:32Z</time></p>
+ </footer>
+ <article>
+ <footer> At <time pubdate>2009-08-21T23:35Z</time>, <a \
href="/users/ch">ch</a> writes: </footer> + <iframe seamless \
sandbox="allow-same-origin" srcdoc="<p>did you get a cover picture \
yet?"></iframe> + </article>
+ <article>
+ <footer> At <time pubdate>2009-08-21T23:44Z</time>, <a \
href="/users/cap">cap</a> writes: </footer> + <iframe seamless \
sandbox="allow-same-origin" srcdoc="<p>Yeah, you can see it <a \
href=&quot;/gallery/cover/1&quot;>in my \
gallery</a>."></iframe> + </article>
+ <article>
+ <footer> At <time pubdate>2009-08-21T23:58Z</time>, <a \
href="/users/ch">ch</a> writes: </footer> + <iframe seamless \
sandbox="allow-same-origin" srcdoc="<p>hey that's earl's table. +<p>you \
should get earl&amp;me on the next cover."></iframe> + \
</article></pre> +
</div>
+ <p class=note>In <a href=#syntax>the HTML syntax</a>, authors need only
+ remember to use U+0022 QUOTATION MARK characters (") to wrap the
+ attribute contents and then to quote all U+0022 QUOTATION MARK (")
+ and U+0026 AMPERSAND (&) characters, and to specify the <code \
title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute, \
to ensure safe + embedding of content.</p>
+
+ <p class=note>Due to restrictions of <span>the XML syntax</span>,
+ in XML a number of other characters need to be escaped also to
+ ensure correctness.</p>
+
<hr><p>The <dfn id=attr-iframe-name title=attr-iframe-name><code>name</code></dfn>
attribute, if present, must be a <a href=#valid-browsing-context-name>valid \
browsing context name</a>. The given value is used to name the <a \
href=#nested-browsing-context>nested
Modified: index
===================================================================
--- index 2010-01-24 02:56:58 UTC (rev 4622)
+++ index 2010-01-24 06:45:25 UTC (rev 4623)
@@ -19594,10 +19594,48 @@
<div class=example>
- <p class=XXX>example for srcdoc here</p>
+ <p>Here a blog uses the <code title=attr-iframe-srcdoc><a \
href=#attr-iframe-srcdoc>srcdoc</a></code> attribute in conjunction + with the \
<code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> and \
<code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code> \
attributes described + below to provide users of user agents that support this \
feature + with an extra layer of protection from script injection in the blog
+ post comments:</p>
+ <pre><article>
+ <h1>I got my own magazine!</h1>
+ <p>After much effort, I've finally found a publisher, and so now I
+ have my own magazine! Isn't that awesome?! The first issue will come
+ out in September, and we have articles about getting food, and about
+ getting in boxes, it's going to be great!</p>
+ <footer>
+ <p>Written by <a href="/users/cap">cap</a>.
+ <time pubdate>2009-08-21T23:32Z</time></p>
+ </footer>
+ <article>
+ <footer> At <time pubdate>2009-08-21T23:35Z</time>, <a \
href="/users/ch">ch</a> writes: </footer> + <iframe seamless \
sandbox="allow-same-origin" srcdoc="<p>did you get a cover picture \
yet?"></iframe> + </article>
+ <article>
+ <footer> At <time pubdate>2009-08-21T23:44Z</time>, <a \
href="/users/cap">cap</a> writes: </footer> + <iframe seamless \
sandbox="allow-same-origin" srcdoc="<p>Yeah, you can see it <a \
href=&quot;/gallery/cover/1&quot;>in my \
gallery</a>."></iframe> + </article>
+ <article>
+ <footer> At <time pubdate>2009-08-21T23:58Z</time>, <a \
href="/users/ch">ch</a> writes: </footer> + <iframe seamless \
sandbox="allow-same-origin" srcdoc="<p>hey that's earl's table. +<p>you \
should get earl&amp;me on the next cover."></iframe> + \
</article></pre> +
</div>
+ <p class=note>In <a href=#syntax>the HTML syntax</a>, authors need only
+ remember to use U+0022 QUOTATION MARK characters (") to wrap the
+ attribute contents and then to quote all U+0022 QUOTATION MARK (")
+ and U+0026 AMPERSAND (&) characters, and to specify the <code \
title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute, \
to ensure safe + embedding of content.</p>
+
+ <p class=note>Due to restrictions of <span>the XML syntax</span>,
+ in XML a number of other characters need to be escaped also to
+ ensure correctness.</p>
+
<hr><p>The <dfn id=attr-iframe-name title=attr-iframe-name><code>name</code></dfn>
attribute, if present, must be a <a href=#valid-browsing-context-name>valid \
browsing context name</a>. The given value is used to name the <a \
href=#nested-browsing-context>nested
Modified: source
===================================================================
--- source 2010-01-24 02:56:58 UTC (rev 4622)
+++ source 2010-01-24 06:45:25 UTC (rev 4623)
@@ -20949,10 +20949,51 @@
<div class="example">
- <p class="XXX">example for srcdoc here</p>
+ <p>Here a blog uses the <code
+ title="attr-iframe-srcdoc">srcdoc</code> attribute in conjunction
+ with the <code title="attr-iframe-sandbox">sandbox</code> and <code
+ title="attr-iframe-seamless">seamless</code> attributes described
+ below to provide users of user agents that support this feature
+ with an extra layer of protection from script injection in the blog
+ post comments:</p>
+ <pre><article>
+ <h1>I got my own magazine!</h1>
+ <p>After much effort, I've finally found a publisher, and so now I
+ have my own magazine! Isn't that awesome?! The first issue will come
+ out in September, and we have articles about getting food, and about
+ getting in boxes, it's going to be great!</p>
+ <footer>
+ <p>Written by <a href="/users/cap">cap</a>.
+ <time pubdate>2009-08-21T23:32Z</time></p>
+ </footer>
+ <article>
+ <footer> At <time pubdate>2009-08-21T23:35Z</time>, <a \
href="/users/ch">ch</a> writes: </footer> + <iframe seamless \
sandbox="allow-same-origin" srcdoc="<p>did you get a cover picture \
yet?"></iframe> + </article>
+ <article>
+ <footer> At <time pubdate>2009-08-21T23:44Z</time>, <a \
href="/users/cap">cap</a> writes: </footer> + <iframe seamless \
sandbox="allow-same-origin" srcdoc="<p>Yeah, you can see it <a \
href=&quot;/gallery/cover/1&quot;>in my gallery</a>."></iframe> + \
</article> + <article>
+ <footer> At <time pubdate>2009-08-21T23:58Z</time>, <a \
href="/users/ch">ch</a> writes: </footer> + <iframe seamless \
sandbox="allow-same-origin" srcdoc="<p>hey that's earl's table. +<p>you should \
get earl&amp;me on the next cover."></iframe> + </article></pre>
+
</div>
+ <p class="note">In <span>the HTML syntax</span>, authors need only
+ remember to use U+0022 QUOTATION MARK characters (") to wrap the
+ attribute contents and then to quote all U+0022 QUOTATION MARK (")
+ and U+0026 AMPERSAND (&) characters, and to specify the <code
+ title="attr-iframe-sandbox">sandbox</code> attribute, to ensure safe
+ embedding of content.</p>
+
+ <p class="note">Due to restrictions of <span>the XML syntax</span>,
+ in XML a number of other characters need to be escaped also to
+ ensure correctness.</p>
+
<hr>
<p>The <dfn title="attr-iframe-name"><code>name</code></dfn>
_______________________________________________
Commit-Watchers mailing list
Commit-Watchers@lists.whatwg.org
http://lists.whatwg.org/listinfo.cgi/commit-watchers-whatwg.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic