[whatwg] updateWithSanitizedHTML (was Re: innerStaticHTML)

Adam Barth whatwg at adambarth.com
Mon Nov 30 15:55:58 PST 2009


On Fri, Jun 5, 2009 at 5:09 PM, Ian Hickson <ian at hixie.ch> wrote:
> Defining a spec-blessed whitelist of element, attributes, and attribute
> values is and filtering at the parser level is a significant new feature.
> While I see that it has value, I think on the short term it would be
> better to wait for a future version of HTML before introducing this
> feature; ideally once we have more implementation experience with
> experimental versions of this idea.
>
> I would encourage browser vendors to introduce APIs similar to that
> discussed below, clearly marked as vendor-specific (e.g. for Firefox,
> something like .mozStaticInnerHTML).

The WebKit community is considering taking up such an experimental
implementation.  Here's my current proposal for how this might work:

http://docs.google.com/Doc?docid=0AZpchfQ5mBrEZGQ0cDh3YzRfMTJzbTY1cWJrNA&hl=en

I would appreciate any feedback on the design.

Thanks,
Adam



More information about the whatwg mailing list