Re: [xsl] HTML5 semantics and XSLT

Subject: Re: [xsl] HTML5 semantics and XSLT
From: "Liam R. E. Quin liam@xxxxxxxxxxxxxxxx" <xsl-list-service@xxxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 23 Feb 2022 19:03:27 -0000

On Wed, 2022-02-23 at 18:37 +0000, Piez, Wendell A. (Fed)
wendell.piez@xxxxxxxx wrote:
> Hi again,
> 
> To Mike's question "And presumably any harm that can be done using
> this exploit could equally be done by executing untrusted HTML in the
> browser directly?"
> 
> Indeed it could.

This is why there are sandbox facilities in HTML, in which you can say,
"beneath this element, no scripting is allowed and any additional CSS
rules will be ignored". The mechanism gives separate control over
script, style, iframe.

Liam

-- 
Liam Quin,B https://www.delightfulcomputing.com/
Available for XML/Document/Information Architecture/XSLT/
XSL/XQuery/Web/Text Processing/A11Y training, work & consulting.
Barefoot Web-slave, antique illustrations: B http://www.fromoldbooks.org

Current Thread
[xsl] HTML5 semantics and XSLT Piez, Wendell A. (Fed) wendell.piez@xxxxxxxx - 23 Feb 2022 16:30:45 -0000 Michael Kay mike@xxxxxxxxxxxx - 23 Feb 2022 16:47:03 -0000 Piez, Wendell A. (Fed) wendell.piez@xxxxxxxx - 23 Feb 2022 18:30:40 -0000 Piez, Wendell A. (Fed) wendell.piez@xxxxxxxx - 23 Feb 2022 18:36:09 -0000 Liam R. E. Quin liam@xxxxxxxxxxxxxxxx - 23 Feb 2022 19:03:28 -0000 <= Piez, Wendell A. (Fed) wendell.piez@xxxxxxxx - 23 Feb 2022 19:33:52 -0000 Piez, Wendell A. (Fed) wendell.piez@xxxxxxxx - 23 Feb 2022 19:42:52 -0000 Liam R. E. Quin liam@xxxxxxxxxxxxxxxx - 24 Feb 2022 00:55:32 -0000 Norm Tovey-Walsh ndw@xxxxxxxxxx - 23 Feb 2022 16:51:19 -0000

Current Thread

[xsl] HTML5 semantics and XSLT
- Piez, Wendell A. (Fed) wendell.piez@xxxxxxxx - 23 Feb 2022 16:30:45 -0000
  - Michael Kay mike@xxxxxxxxxxxx - 23 Feb 2022 16:47:03 -0000
    - Piez, Wendell A. (Fed) wendell.piez@xxxxxxxx - 23 Feb 2022 18:30:40 -0000
    - Piez, Wendell A. (Fed) wendell.piez@xxxxxxxx - 23 Feb 2022 18:36:09 -0000
      - Liam R. E. Quin liam@xxxxxxxxxxxxxxxx - 23 Feb 2022 19:03:28 -0000 <=
      - Piez, Wendell A. (Fed) wendell.piez@xxxxxxxx - 23 Feb 2022 19:33:52 -0000
      - Piez, Wendell A. (Fed) wendell.piez@xxxxxxxx - 23 Feb 2022 19:42:52 -0000
      - Liam R. E. Quin liam@xxxxxxxxxxxxxxxx - 24 Feb 2022 00:55:32 -0000
  - Norm Tovey-Walsh ndw@xxxxxxxxxx - 23 Feb 2022 16:51:19 -0000

<- Previous	Index	Next ->
Re: [xsl] HTML5 semantics and XSLT, Piez, Wendell A. (Fe	Thread	Re: [xsl] HTML5 semantics and XSLT, Piez, Wendell A. (Fe
Re: [xsl] HTML5 semantics and XSLT, Piez, Wendell A. (Fe	Date	Re: [xsl] HTML5 semantics and XSLT, Piez, Wendell A. (Fe
	Month

<- Previous

Index

Next ->

Re: [xsl] HTML5 semantics and XSLT, Piez, Wendell A. (Fe

Thread

Re: [xsl] HTML5 semantics and XSLT, Piez, Wendell A. (Fe

Date

Re: [xsl] HTML5 semantics and XSLT, Piez, Wendell A. (Fe

Month

<-prev [Thread] next->	<-prev [Date] next->
Month Index \| List Home