content icon indicating copy to clipboard operation
content copied to clipboard

Published 20 hours ago verified publisher icon mdn

Added examples for the Sanitizer parameters API

Open najmiehsa opened this issue 3 years ago • 5 comments

This is related to the https://github.com/mdn/content/pull/18790#event-7061644512 I added examples for the Sanitizer parameters API. I appreciate feedbacks.

Summary

Motivation

Supporting details

Related issues

Metadata

  • [x] Adds a new document
  • [ ] Rewrites (or significantly expands) a document
  • [x] Fixes a typo, bug, or other error

najmiehsa avatar Jul 27 '22 05:07 najmiehsa

Preview URLs

Flaws

None! 🎉

External URLs

URL: /en-US/docs/Web/API/Sanitizer/Sanitizer Title: Sanitizer() on GitHub

No new external URLs

(this comment was updated 2022-07-27 07:15:24.629867)

github-actions[bot] avatar Jul 27 '22 05:07 github-actions[bot]

@najmiehsa, Thank you for submitting these examples. Unfortunately, when this lands in Chrome beta next week, only Element.setHTML() will be shipping. One of the spec authors, who is also Chrome's lead on the project tells me that the authors generally want to change the design. In other words, in Chrome's release, you'll be able to pass new Sanitizer() as the second parameter to setHTML(), but you will not be able to call sanitize() and sanitizeFor().

Given that the Firefox implementation of these methods is still behind a flag, I do not think we should merge this pull request.

cc: @Rumyra

jpmedley avatar Jul 29 '22 21:07 jpmedley

Yes, we need one implementation (not behind a flag) before merging a feature into MDN. We document browsers and not specs.

teoli2003 avatar Jul 30 '22 04:07 teoli2003

I'm going to close this (after Joe replies) because the time taken for this to be "supported" is still open ended (and as Joe says, might not be quite this implementation). Thanks @najmiehsa for doing this - sorry to ask you for it with this result.

@jpmedley Are you taking care of the browser compat updates required? If not, I would need more information to update this.

What I'm seeing now:

  • `Element.setHTML() not marked as supported in preview.
  • sanitize() and sanitizeFor() are rendering as "preview browser support". The BCD shows them as supported in 105. Opera etc are not mirrored (I would expect them to be).

Anyway, it is not clear to me from the current BCD whether they would be callable in the preview version. My assumption as it is now is that they would be.

hamishwillee avatar Aug 01 '22 01:08 hamishwillee

@teoli2003 PS I merged the original docs for this as part of an FF release project. Did not appreciate at that time that a non-pref implementation was required.

hamishwillee avatar Aug 01 '22 01:08 hamishwillee