search

mick / billboard

Control content in a browser via a simple HTTP API. Great for office wall mounted displays
MIT License
12 stars 6 forks source link

Add HTML snippet #19

Open yesezra opened 11 years ago

yesezra commented 11 years ago

similar to an iframe, but simply embed HTML into the billboard page.

mick commented 11 years ago

Do we want to just through the html inside an iframe, scrub it, or just trust it?

yesezra commented 11 years ago

Hmm. What kinds of attacks would be be susceptible to if we just trust it?

Any downsides to using an iframe? Seems like that makes the most sense.

mick commented 11 years ago

The Iframe would isolate the HTML, so it would be secure. I think that is the way to go.

Also easy to implement :)

On Thursday, August 22, 2013, Ezra Spier wrote:

Hmm. What kinds of attacks would be be susceptible to if we just trust it?

Any downsides to using an iframe? Seems like that makes the most sense.

— Reply to this email directly or view it on GitHubhttps://github.com/mick/billboard/issues/19#issuecomment-23140780 .

_Mick