Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Idea: Safe subdomain for text-only content #29

Open
i-rme opened this issue Jul 10, 2018 · 0 comments
Open

Idea: Safe subdomain for text-only content #29

i-rme opened this issue Jul 10, 2018 · 0 comments
Milestone
near-term

Comments

@i-rme
Copy link

i-rme commented Jul 10, 2018

This way a link like this one:
https://itty.bitty.site/#/data:text/html;charset=utf-8;bxze64,XQAAAAJBAAAAAAAAAAAqGgknZByHik/KTPT4HSNtN2h5G0ioByi51/j/XfI2TNaobPC0KdqzGEBb+tplhYhyKJ05lvFN3kKxiN/+IvwA

Could be converted to:
https://safe.itty.bitty.site/#/data:text/html;charset=utf-8;bxze64,XQAAAAJBAAAAAAAAAAAqGgknZByHik/KTPT4HSNtN2h5G0ioByi51/j/XfI2TNaobPC0KdqzGEBb+tplhYhyKJ05lvFN3kKxiN/+IvwA

So the iframe becomes fully sandboxed (without "allow-scripts allow-forms allow-top-navigation allow-popups allow-modals").

So the user expects no javascript before opening the link.
@alcor alcor added this to the near-term milestone Jul 11, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
near-term
Development

No branches or pull requests
2 participants
@alcor @i-rme