Implement a security control for ensuring that only intended documents have
access to the DataTransferObject during a drag operation by providing a
wrapped implementation. For information see the following link.
http://www.w3.org/TR/html5/editing.html#security-risks-in-the-drag-and-drop-mode
l
In comments, discuss possible mitigation of MiTM and XSS risks associated
with the new HTML Drag and Drop functionality.
Original issue reported on code.google.com by chrisisbeef on 29 Apr 2010 at 2:36
Original issue reported on code.google.com by
chrisisbeefon 29 Apr 2010 at 2:36