Malvoz

+1

Chrome bug: https://bugs.chromium.org/p/chromium/issues/detail?id=671310 Firefox bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1407355

@AsyncBanana It looks like the feature hasn't shipped yet, though it is available for Origin Trials.

> - https://wicg.github.io/purification/ New home: https://wicg.github.io/sanitizer-api/

> - Content-Security-Policy > Suggest that it exist. Confirm it doesn't have unsafe-inline, unsafe-eval, or glob-starred CDNs/hosts (*.amazonaws.com). https://csp-evaluator.withgoogle.com/ also recommends `object-src: 'none'` if possible (should be covered in https://github.com/GoogleChrome/lighthouse/issues/7159)....

@optimalisatie I believe your suggestion is off-topic from HTTP headers (while I understand you want this potential audit included in a new security category), and so should be a separate...

Also reproducible on Android 12 (Chrome 97.0.4692.98): https://user-images.githubusercontent.com/26493779/152641279-82cd2d02-620e-4928-a52d-748a77d92587.mp4

@Falke-Design I get the same behavior in Firefox, strange. Do you have Chrome installed?

Quite an oversight, should be fixed in https://github.com/Leaflet/Leaflet/pull/8251 by utilizing Canvas Sub DOM for accessible vectors:  /cc @alekzvik

Is it important to have tabs within the editor? If not the editor could simply be a [`contenteditable`](https://developer.mozilla.org/en-US/docs/Web/HTML/Global_attributes/contenteditable) element?