Sender | Message | Time |
---|---|---|
22 Apr 2024 | ||
Luke Warlow | Yeah sorry I've just spotted those too | 15:51:40 |
Luke Warlow | * Yeah sorry I've just spotted those too, fixing now | 15:51:44 |
Luke Warlow | Okay I think that's all done now. Apologies. | 15:53:14 |
nika | back Apr 29 changed their display name from nika to nika | back Apr 29. | 21:21:26 | |
23 Apr 2024 | ||
zcorpan | In reply to @lwarlow:igalia.comI think so | 07:23:43 |
zcorpan | Still no solution to inline buttons afaik https://twitter.com/ned/status/1051798190951940096 | 07:25:04 |
Luke Warlow | Does anyone happen to know if the sanitizer API has a list of all event handler attribute names? Or is it piggy backing off some other mechanism? | 11:36:17 |
annevk | Luke Warlow: that part isn't written down yet. They will prolly end up being part of a larger list of attributes in the end, but could be made reusable. However, they would not include event handler attributes of XMLHttpRequest and the like. | 15:41:06 |
Luke Warlow | In reply to @annevk:matrix.orgIf they could be a separate list that's merged into the other than that would be useful. Trusted Types could piggy back of that list in that case? | 15:42:36 |
annevk | This should probably be discussed with more people, but it doesn't seem unreasonable to me to blocklist all attributes starting with "on" for this purpose. | 15:42:50 |
Luke Warlow | Interestingly that is how I had the spec originally (it's still implemented that way in WebKit for now). Where do you think is best to raise an issue? I think it makes sense to align TT and the sanitizer in this regard | 15:44:31 |
yulia changed their display name from yulia to yulia | out until tomorrow. | 15:45:55 | |
annevk | Luke Warlow: I think it would make sense to raise an issue against the Sanitizer API suggesting that and then flag it for discussion during WHATNOT to see what people think as it would essentially enshrine the "on*" pattern. Both that we shouldn't use "on*" attributes for other things and that things that don't start with "on" should not be event handlers. The small bit of complexity with the Sanitizer API is that it aims to standardize a safelist, but it will rely on "known attributes/elements" as well so there's a blocklist underneath, which might as well use "on*" for future proofing. | 15:56:32 |
Luke Warlow | In reply to @annevk:matrix.orghttps://github.com/WICG/sanitizer-api/issues/226 - hopefully it's worded in a way that makes sense | 16:06:25 |
Luke Warlow | In reply to @annevk:matrix.org* https://github.com/WICG/sanitizer-api/issues/226 - hopefully it's worded in a way that makes sense, I'll link to it on the WHATNOT meeting issue | 16:06:44 |
24 Apr 2024 | ||
clean pest joined the room. | 00:26:08 | |
clean pest | Hello | 00:26:27 |
Yoav Weiss | Hey folks! I'd appreciate ideas as to why WATTSI is choking on me in the PR preview of https://github.com/whatwg/html/pull/10269 | 07:55:36 |
Yoav Weiss | (doesn't happen locally) | 07:55:44 |
Luke Warlow | In reply to @yoavweiss:matrix.orgThat error is normally due to mismatched start and end tags. But having said that the line it mentions is a </ol> and from a quick scan I don't see a dangling open <ol> | 08:14:26 |
annevk | Yoav Weiss: "</p</li>" looks bogus | 08:31:07 |
annevk | You're also removing some newlines which seems suspicious | 08:31:45 |
Yoav Weiss | Thanks, looking! | 09:17:09 |
Yoav Weiss | That was indeed the issue, thanks annevk !! | 09:26:53 |
yulia changed their display name from yulia | out until tomorrow to yulia. | 13:09:40 | |
@quentinbellina:matrix.org joined the room. | 13:24:20 | |
@quentinbellina:matrix.org left the room. | 13:24:20 | |
KS UZI joined the room. | 16:29:28 | |
25 Apr 2024 | ||
Domenic | I'm just gonna merge https://github.com/whatwg/html-build/pull/291 . I was hoping to get more Rust reviewers but I think waiting is the wrong tradeoff. | 02:23:44 |
Valkrn joined the room. | 08:06:13 |