trusted-types
trusted-types copied to clipboard
Should SVGScriptElement have an IDL way to set a trusted script value?
Currently I don't believe there's any sanctioned way to update the contents of an SVG script element (assuming https://github.com/w3c/trusted-types/issues/483 is done so the protection covers them too).
The spec says that we recommend authors use script.textContent, script.innerText or script.text for updating the contents of a script element with a trusted object. Should the same not also hold true for an SVG script element?
As far as I can see this isn't just a spec issue it's also missing from Chrome's implementation.
It would seem to make sense to shadow Node.textContent to the SVGScriptElement type?