HTML 5ͨ¹ýsandboxÊôÐÔÌáÉýiFrameµÄ°²È«ÐÔ

ת×Ô£ºInfoQ
×÷Õß




Abel Avram




ÒëÕß

ÕÅÁú

·¢²¼ÓÚ
2010Äê1ÔÂ30ÈÕ ÉÏÎç12ʱ6·Ö

Ä¿Ç°Web Hypertext Application
Technology Working Group
£¨WHATWG£©ÕýÓëW3C
ͨ
Á¦ºÏ×÷½¨Á¢HTML 5±ê×¼£¬ÔÚ¹ýÈ¥3¸öÔÂÖУ¬¸ÃÏ×÷ÒѾ­½øÈëµ½ÁËWHATWGµÄ“Last Call
”½×
¶Î¡£ÔÚÕâÆڼ䣬±ä»¯×î´óµÄÒ»¸öÌØÐÔ¾ÍÊÇiframeÔªËصÄsandboxÊôÐÔ¡£sandboxÊôÐÔ¿ÉÒÔ·ÀÖ¹²»ÐÅÈεÄWebÒ³ÃæÖ´ÐÐijЩ²Ù×÷¡£
HTML
5
¹æ·¶µÄ±à¼­Ian Hickson̸µ½ÁË
sandboxµÄºÃ´¦
£¬Ëü¿ÉÒÔ·ÀÖ¹ÈçϲÙ×÷£º
·ÃÎʸ¸Ò³ÃæµÄDOM£¨´Ó¼¼Êõ½Ç¶ÈÀ´Ëµ£¬ÕâÊÇÒòΪÏà¶ÔÓÚ¸¸Ò³ÃæiframeÒѾ­³ÉΪ²»Í¬µÄÔ´ÁË£©
Ö´Ðнű¾
ͨ¹ý½Å±¾Ç¶Èë×Ô¼ºµÄ±íµ¥»òÊDzÙ×Ý±íµ¥
¶Ôcookie¡¢±¾µØ´æ´¢»ò±¾µØSQLÊý¾Ý¿âµÄ¶Áд
HTML
5µÄÐÞ¶©ÀúÊ·Ò³Ãæ
»¹Ìáµ½ÁËsandboxµÄÆäËûÌØÐÔ£º
½ûÓòå¼þ
½ûÖ¹ÆäËûä¯ÀÀÉÏÏÂÎĵĵ¼º½
½ûÖ¹µ¯³ö´°¿ÚºÍģʽ¶Ô»°¿ò
iFramesÒò°²È«ÎÊÌâ¶ø³ôÃûÕÑÖø£¬ÕâÖ÷ÒªÊÇÒòΪiFrames³£³£±»ÓÃÓÚǶÈëµÚÈý·½ÄÚÈÝ£¬¶øºóÕßÔò¿ÉÄÜ»áÖ´ÐÐijЩ¶ñÒâ²Ù×÷¡£sandboxͨ¹ý
ÏÞÖƱ»Ç¶ÈëÄÚÈÝËùÔÊÐíµÄ²Ù×÷¶øÌáÉýiFramesµÄ°²È«ÐÔ¡£ÕâÖÖ·½Ê½½«É³ÏäÄÚÈÝÓ븸ҳÃæ½øÐÐÁË·ÖÀ룬Òò´ËÏÞÖÆÁ˱»Ç¶ÈëÄÚÈݵÄȨÏÞ¡£
ÓësandboxÒ»Æð³öÀ´µÄ»¹ÓÐÆäMIMEÀàÐÍ£ºtext/html-sandboxed¡£Hickson˵µ½£º
text/html-sandboxed
MIMEÀàÐÍÈ·±£Óû§²»»á·ÃÎʵ½²»¿ÉÐŵÄÄÚÈÝ¡£Ëü°üº¬Á½²¿·ÖÄÚÈÝ£ºÊ×ÏÈ£¬Èç¹ûÓû§Ö±½Ó·ÃÎÊÒ³Ãæʱ£¬ä¯ÀÀÆ÷²»¿ÉÒÔäÖȾÄÇЩ¾ßÓÐtext/html-
sandboxed
MIMEÀàÐ͵ÄÒ³Ã档ĿǰËùÓÐä¯ÀÀÆ÷¶¼Ö§³ÖÕâÒ»µã£¬ÕâЩä¯ÀÀÆ÷»áÏÂÔØÒ³ÃæµÄ±ê¼Çµ«²»»áäÖȾҳÃ棻Æä´Î£¬Ö§³ÖsandboxÊôÐÔµÄä¯ÀÀÆ÷ÐèÒªäÖȾ¾ßÓÐ
text/html-sandboxed
MIMEÀàÐ͵Äiframes£¨µ«»áÊܵ½sandboxÊôÐÔÖÐËùÉ趨µÄȨÏÞÏÞÖÆ£©Ä¿Ç°ÎªÖ¹£¬»¹Ã»ÓÐä¯ÀÀÆ÷ʵÏÖÕâÒ»µã£¬Google
ChromeÒ²ÊÇÈç´Ë£¨Ëü»áäÖȾ¸¸Ò³Ã棬µ«È´ÏÂÔØiframeÄÚÈݶø·ÇÔÚiframeÖжÔÆä½øÐÐäÖȾ£©¡£Òò´ËÄ¿Ç°»¹Ã»·¨Ê¹ÓøÃÏî¼¼Êõ£¬³ý·ÇGoogle¸ü
ÐÂChromeÒÔÖ§³ÖÕâÒ»µã£¨´ÓÀíÂÛÉÏÀ´Ëµ£¬ÆäËûµÄä¯ÀÀÆ÷³§ÉÌÔÚʵÏÖÁ˶ÔsandboxÊôÐÔµÄÖ§³Öºó¾Í»áʵÏָü¼Êõ£¬ÈÃÎÒÃÇÊÃÄ¿ÒÔ´ý°É£©¡£
Ä¿Ç°£¬Ö»ÓÐGoogle Chrome
4.0ʹÓÃÁËsandbox£¬Firefox¡¢IE8ºÍSafari¶¼»¹Ã»ÓÐʵÏÖÕâÒ»µã£¬µ«ÏàÐŲ»¾ÃÖ®ºóÕâЩä¯ÀÀÆ÷¶¼»áʵÏֵġ£Î§ÈÆ×ÅHTML 5
<video>ÔªËØ·¢ÉúÁ˺ܶàÊÂÇé
£¬Googleͨ¹ýH.264
±ê×¼¶ÔÆä½øÐÐʵÏÖ£¬¶ø