23914 2013-11-25 17:35:47 +0000 By not allowing cross site scripting you have removed all important use cases for seamless functionality. IMO if a page designer wants to include unsafe third party content - let them! Security should [...] 2013-11-25 17:53:46 +0000 1 1 1 Unclassified WHATWG HTML unspecified Other other RESOLVED DUPLICATE 23513 http://www.whatwg.org/specs/web-apps/current-work/#the-iframe-element P3 normal Unsorted 1 contributor ian ian mike contributor oldest_to_newest 96781 0 contributor 2013-11-25 17:35:47 +0000 Specification: http://www.whatwg.org/specs/web-apps/current-work/multipage/the-iframe-element.html Multipage: http://www.whatwg.org/C#the-iframe-element Complete: http://www.whatwg.org/c#the-iframe-element Referrer: http://www.whatwg.org/specs/web-apps/current-work/multipage/the-iframe-element.html Comment: By not allowing cross site scripting you have removed all important use cases for seamless functionality. IMO if a page designer wants to include unsafe third party content - let them! Security should be the consideration for the designer, not for the HTML spec writer. Posted from: 173.11.100.165 User agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:25.0) Gecko/20100101 Firefox/25.0 96784 1 ian 2013-11-25 17:53:46 +0000 *** This bug has been marked as a duplicate of bug 23513 ***