Please consider whether new APIs/functionality should be disabled by default in sandboxed iframes

When adding a new API or CSS/HTML feature, please consider whether it 
should be disabled by default in sandboxed iframes, with a sandbox token 
to enable.

Note that this is impossible to do post-facto to already-shipped APIs, 
due to breaking compat.  But for an API just being added, this is a 
reasonable option and should be strongly considered.

-Boris
0
Boris
1/11/2017 5:35:00 PM
mozilla.dev.platform 5487 articles. 0 followers. Post Follow

0 Replies
9 Views

Similar Articles

[PageSpeed] 13

Reply: