[webkit-dev] innerStaticHTML

[Michal Zalewski]

> I'd rather not go this route in our initial implementation.  I think
> we should target the use case of a web site receiving an untrusted
> string via cross-origin XMLHttpRequest or postMessage.

Fair enough. OTOH, this solves a very narrow problem. If we have an
implementation that at least extends to a non-JS solution without the
need to create a wholly separate mechanism should there eventually be
desire to make a difference in this area, it's a win. So, child-locked
tags appeal to me a whole lot more than a variant of .innerHTML.

Cheers,
/mz