Craig Francis

Similar proposal from Ilya Grigorik: https://www.igvita.com/2016/03/01/control-groups-cgroups-for-the-web/ Which is probably a bit more enforceable (because it only focuses on these restrictions)... so maybe the CPP might be able to work with...

I think I would like this as well, but how would this be different from: Content-Security-Policy: script-src 'none';

Related, it would be important for anything that isn’t a fixed sized ad, for the frame height to be set automatically, this has been raised for iframes: https://github.com/w3c/csswg-drafts/issues/1771

This is the differences between the messages on Chrome, as of Beta 68:  I don't think many people will see the difference (if they are used to the old...

Just as a note on the Chrome implementation from Dominick Ng... 1) It re-shows the "Press and hold [esc] to exit full screen" message when pressing the [esc] key multiple...

Marked as non substantive for IPR from ash-nazg.

Done, by marking it as "Mark as non-substantive" (which it is). But, do you have any idea how to resolve the issue "craigfrancis did not make IPR commitments for this...

Thanks @yoavweiss, I've done that and suggested adding that link to the error message (ref https://github.com/w3c/ash-nazg/issues/150)

The iframe auto-resize (height) is more of a problem when it's cross origin, as on same origin you can hack this behaviour with: ``` document.getElementById('iframe').contentWindow.document.body.scrollHeight; ``` It does fail when...

Thanks @annevk, I've posted it at https://lists.w3.org/Archives/Public/public-webappsec/2016Jan/0189.html