Skip to content
Permalink
Browse files

[e] (0) Add an example of srcdoc='' and some usage notes.

git-svn-id: http://svn.whatwg.org/webapps@4623 340c8d12-0b0e-0410-8428-c7bf67bfef74
  • Loading branch information...
Hixie committed Jan 24, 2010
1 parent cd08050 commit 5fae353673e7b190d45909aa08de4159ae5200d7
Showing with 120 additions and 3 deletions.
  1. +39 −1 complete.html
  2. +39 −1 index
  3. +42 −1 source
@@ -19694,10 +19694,48 @@ <h4 id=the-iframe-element><span class=secno>4.8.3 </span>The <dfn><code>iframe</

<div class=example>

<p class=XXX>example for srcdoc here</p>
<p>Here a blog uses the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute in conjunction
with the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> and <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code> attributes described
below to provide users of user agents that support this feature
with an extra layer of protection from script injection in the blog
post comments:</p>

<pre>&lt;article&gt;
&lt;h1&gt;I got my own magazine!&lt;/h1&gt;
&lt;p&gt;After much effort, I've finally found a publisher, and so now I
have my own magazine! Isn't that awesome?! The first issue will come
out in September, and we have articles about getting food, and about
getting in boxes, it's going to be great!&lt;/p&gt;
&lt;footer&gt;
&lt;p&gt;Written by &lt;a href="/users/cap"&gt;cap&lt;/a&gt;.
&lt;time pubdate&gt;2009-08-21T23:32Z&lt;/time&gt;&lt;/p&gt;
&lt;/footer&gt;
&lt;article&gt;
&lt;footer&gt; At &lt;time pubdate&gt;2009-08-21T23:35Z&lt;/time&gt;, &lt;a href="/users/ch"&gt;ch&lt;/a&gt; writes: &lt;/footer&gt;
&lt;iframe seamless sandbox="allow-same-origin" srcdoc="&lt;p&gt;did you get a cover picture yet?"&gt;&lt;/iframe&gt;
&lt;/article&gt;
&lt;article&gt;
&lt;footer&gt; At &lt;time pubdate&gt;2009-08-21T23:44Z&lt;/time&gt;, &lt;a href="/users/cap"&gt;cap&lt;/a&gt; writes: &lt;/footer&gt;
&lt;iframe seamless sandbox="allow-same-origin" srcdoc="&lt;p&gt;Yeah, you can see it &lt;a href=&amp;quot;/gallery/cover/1&amp;quot;&gt;in my gallery&lt;/a&gt;."&gt;&lt;/iframe&gt;
&lt;/article&gt;
&lt;article&gt;
&lt;footer&gt; At &lt;time pubdate&gt;2009-08-21T23:58Z&lt;/time&gt;, &lt;a href="/users/ch"&gt;ch&lt;/a&gt; writes: &lt;/footer&gt;
&lt;iframe seamless sandbox="allow-same-origin" srcdoc="&lt;p&gt;hey that's earl's table.
&lt;p&gt;you should get earl&amp;amp;me on the next cover."&gt;&lt;/iframe&gt;
&lt;/article&gt;</pre>

</div>

<p class=note>In <a href=#syntax>the HTML syntax</a>, authors need only
remember to use U+0022 QUOTATION MARK characters (") to wrap the
attribute contents and then to quote all U+0022 QUOTATION MARK (")
and U+0026 AMPERSAND (&amp;) characters, and to specify the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute, to ensure safe
embedding of content.</p>

<p class=note>Due to restrictions of <span>the XML syntax</span>,
in XML a number of other characters need to be escaped also to
ensure correctness.</p>

<hr><p>The <dfn id=attr-iframe-name title=attr-iframe-name><code>name</code></dfn>
attribute, if present, must be a <a href=#valid-browsing-context-name>valid browsing context
name</a>. The given value is used to name the <a href=#nested-browsing-context>nested
40 index

<div class=example>

<p class=XXX>example for srcdoc here</p>
<p>Here a blog uses the <code title=attr-iframe-srcdoc><a href=#attr-iframe-srcdoc>srcdoc</a></code> attribute in conjunction
with the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> and <code title=attr-iframe-seamless><a href=#attr-iframe-seamless>seamless</a></code> attributes described
below to provide users of user agents that support this feature
with an extra layer of protection from script injection in the blog
post comments:</p>

<pre>&lt;article&gt;
&lt;h1&gt;I got my own magazine!&lt;/h1&gt;
&lt;p&gt;After much effort, I've finally found a publisher, and so now I
have my own magazine! Isn't that awesome?! The first issue will come
out in September, and we have articles about getting food, and about
getting in boxes, it's going to be great!&lt;/p&gt;
&lt;footer&gt;
&lt;p&gt;Written by &lt;a href="/users/cap"&gt;cap&lt;/a&gt;.
&lt;time pubdate&gt;2009-08-21T23:32Z&lt;/time&gt;&lt;/p&gt;
&lt;/footer&gt;
&lt;article&gt;
&lt;footer&gt; At &lt;time pubdate&gt;2009-08-21T23:35Z&lt;/time&gt;, &lt;a href="/users/ch"&gt;ch&lt;/a&gt; writes: &lt;/footer&gt;
&lt;iframe seamless sandbox="allow-same-origin" srcdoc="&lt;p&gt;did you get a cover picture yet?"&gt;&lt;/iframe&gt;
&lt;/article&gt;
&lt;article&gt;
&lt;footer&gt; At &lt;time pubdate&gt;2009-08-21T23:44Z&lt;/time&gt;, &lt;a href="/users/cap"&gt;cap&lt;/a&gt; writes: &lt;/footer&gt;
&lt;iframe seamless sandbox="allow-same-origin" srcdoc="&lt;p&gt;Yeah, you can see it &lt;a href=&amp;quot;/gallery/cover/1&amp;quot;&gt;in my gallery&lt;/a&gt;."&gt;&lt;/iframe&gt;
&lt;/article&gt;
&lt;article&gt;
&lt;footer&gt; At &lt;time pubdate&gt;2009-08-21T23:58Z&lt;/time&gt;, &lt;a href="/users/ch"&gt;ch&lt;/a&gt; writes: &lt;/footer&gt;
&lt;iframe seamless sandbox="allow-same-origin" srcdoc="&lt;p&gt;hey that's earl's table.
&lt;p&gt;you should get earl&amp;amp;me on the next cover."&gt;&lt;/iframe&gt;
&lt;/article&gt;</pre>

</div>

<p class=note>In <a href=#syntax>the HTML syntax</a>, authors need only
remember to use U+0022 QUOTATION MARK characters (") to wrap the
attribute contents and then to quote all U+0022 QUOTATION MARK (")
and U+0026 AMPERSAND (&amp;) characters, and to specify the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code> attribute, to ensure safe
embedding of content.</p>

<p class=note>Due to restrictions of <span>the XML syntax</span>,
in XML a number of other characters need to be escaped also to
ensure correctness.</p>

<hr><p>The <dfn id=attr-iframe-name title=attr-iframe-name><code>name</code></dfn>
attribute, if present, must be a <a href=#valid-browsing-context-name>valid browsing context
name</a>. The given value is used to name the <a href=#nested-browsing-context>nested
43 source

<div class="example">

<p class="XXX">example for srcdoc here</p>
<p>Here a blog uses the <code
title="attr-iframe-srcdoc">srcdoc</code> attribute in conjunction
with the <code title="attr-iframe-sandbox">sandbox</code> and <code
title="attr-iframe-seamless">seamless</code> attributes described
below to provide users of user agents that support this feature
with an extra layer of protection from script injection in the blog
post comments:</p>

<pre>&lt;article>
&lt;h1>I got my own magazine!&lt;/h1>
&lt;p>After much effort, I've finally found a publisher, and so now I
have my own magazine! Isn't that awesome?! The first issue will come
out in September, and we have articles about getting food, and about
getting in boxes, it's going to be great!&lt;/p>
&lt;footer>
&lt;p>Written by &lt;a href="/users/cap">cap&lt;/a>.
&lt;time pubdate>2009-08-21T23:32Z&lt;/time>&lt;/p>
&lt;/footer>
&lt;article>
&lt;footer> At &lt;time pubdate>2009-08-21T23:35Z&lt;/time>, &lt;a href="/users/ch">ch&lt;/a> writes: &lt;/footer>
&lt;iframe seamless sandbox="allow-same-origin" srcdoc="&lt;p>did you get a cover picture yet?">&lt;/iframe>
&lt;/article>
&lt;article>
&lt;footer> At &lt;time pubdate>2009-08-21T23:44Z&lt;/time>, &lt;a href="/users/cap">cap&lt;/a> writes: &lt;/footer>
&lt;iframe seamless sandbox="allow-same-origin" srcdoc="&lt;p>Yeah, you can see it &lt;a href=&amp;quot;/gallery/cover/1&amp;quot;>in my gallery&lt;/a>.">&lt;/iframe>
&lt;/article>
&lt;article>
&lt;footer> At &lt;time pubdate>2009-08-21T23:58Z&lt;/time>, &lt;a href="/users/ch">ch&lt;/a> writes: &lt;/footer>
&lt;iframe seamless sandbox="allow-same-origin" srcdoc="&lt;p>hey that's earl's table.
&lt;p>you should get earl&amp;amp;me on the next cover.">&lt;/iframe>
&lt;/article></pre>

</div>

<p class="note">In <span>the HTML syntax</span>, authors need only
remember to use U+0022 QUOTATION MARK characters (") to wrap the
attribute contents and then to quote all U+0022 QUOTATION MARK (")
and U+0026 AMPERSAND (&amp;) characters, and to specify the <code
title="attr-iframe-sandbox">sandbox</code> attribute, to ensure safe
embedding of content.</p>

<p class="note">Due to restrictions of <span>the XML syntax</span>,
in XML a number of other characters need to be escaped also to
ensure correctness.</p>

<hr>

<p>The <dfn title="attr-iframe-name"><code>name</code></dfn>

0 comments on commit 5fae353

Please sign in to comment.
You can’t perform that action at this time.