-
Notifications
You must be signed in to change notification settings - Fork 31
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New WebIDL syntax with explicit name/namespace #181
Comments
CC @annevk |
Seems good, but consider using the canonical property names |
I think this is okay given that for I don't see What's the reason for keeping attributes and elements separate? |
|
A couple of reasons. We think it's making a bit more ergonomic for a couple of use cases:
If elements+attributes were combined in a joint structure, attributes would always have to be copied or specified twice. |
I like the new proposal. I'll try to spec it out next week, and maybe start with a trial implementation so I can try it out. |
I think this would need to be I would also make the namespace URI nullable. It'd be nice to make it optional, with a default that's the same as what we would use if you're using the
I think using Star here would make sense. I find having both |
Remove SanitizerAPINamespacesForTesting flag and support code, to prepare for a new and different namespace-d content in Sanitizer proposal. Ref: WICG/sanitizer-api#181 Bug: 1225606 Change-Id: I13ad92898b28d56224c7a227b21390e927e86a17
This is indeed a thing where we were a bit unsure. If I remember correctly, @otherdaniel also preferred a variant of That being said, we're open to feedback from folks with more experience in designing & shipping new WebAPIs. We do not intend to go against the grain if there are existing patterns and are keen to learn more. @petervanderbeken what's your take on explicit/implicit here? |
I toyed around a bit with this and think this is a workable proposal. One item I stumbled on is that error handling becomes a bit weird. E.g. if the name in the name/namespace dictionary is required you get weird error handling: Putting some rubbish into the list of elements usually passes (by ignoring said rubbish); but if you put in a dictionary without "name" key in it, then WebIDL can't make sense of it and the Sanitizer construction fails with an exception. That struck me as rather unexpected. If possible, I'd like some feedback on "web-by" error handling, too. So far, we just ignore un-parseable config items, meaning that in the worst case our safe-by-default defaults will apply. The idea is to not block off future extensions to the config. Should we instead throw on any unknown config items? Or does it depend on the type of item?
I'm in favour. It wouldn't depend on the document type IMHO, but on whether it's an element or attribute. HTML namespace should be the default for elements; the empty namespace for attributes.
Yes, I think |
I like Peter's idea of using a DOMString or dictionary with name+namespace for the attribute name. However the duplication of name does look a bit strange to me: |
Remove SanitizerAPINamespacesForTesting flag and support code, to prepare for a new and different namespace-d content in Sanitizer proposal. Ref: WICG/sanitizer-api#181 Bug: 1225606 Change-Id: I13ad92898b28d56224c7a227b21390e927e86a17 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4051041 Reviewed-by: Yifan Luo <[email protected]> Reviewed-by: Koji Ishii <[email protected]> Reviewed-by: Anders Hartvoll Ruud <[email protected]> Commit-Queue: Daniel Vogelheim <[email protected]> Cr-Commit-Position: refs/heads/main@{#1078534}
Remove SanitizerAPINamespacesForTesting flag and support code, to prepare for a new and different namespace-d content in Sanitizer proposal. Ref: WICG/sanitizer-api#181 Bug: 1225606 Change-Id: I13ad92898b28d56224c7a227b21390e927e86a17 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4051041 Reviewed-by: Yifan Luo <[email protected]> Reviewed-by: Koji Ishii <[email protected]> Reviewed-by: Anders Hartvoll Ruud <[email protected]> Commit-Queue: Daniel Vogelheim <[email protected]> Cr-Commit-Position: refs/heads/main@{#1078534}
…pacesForTesting flag., a=testonly Automatic update from web-platform-tests [Sanitizer API] Remove SanitizerAPINamespacesForTesting flag. Remove SanitizerAPINamespacesForTesting flag and support code, to prepare for a new and different namespace-d content in Sanitizer proposal. Ref: WICG/sanitizer-api#181 Bug: 1225606 Change-Id: I13ad92898b28d56224c7a227b21390e927e86a17 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4051041 Reviewed-by: Yifan Luo <[email protected]> Reviewed-by: Koji Ishii <[email protected]> Reviewed-by: Anders Hartvoll Ruud <[email protected]> Commit-Queue: Daniel Vogelheim <[email protected]> Cr-Commit-Position: refs/heads/main@{#1078534} -- wpt-commits: ad194932af87b0503d32282520fcd10c8cc22243 wpt-pr: 37139
Remove SanitizerAPINamespacesForTesting flag and support code, to prepare for a new and different namespace-d content in Sanitizer proposal. Ref: WICG/sanitizer-api#181 Bug: 1225606 Change-Id: I13ad92898b28d56224c7a227b21390e927e86a17 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4051041 Reviewed-by: Yifan Luo <[email protected]> Reviewed-by: Koji Ishii <[email protected]> Reviewed-by: Anders Hartvoll Ruud <[email protected]> Commit-Queue: Daniel Vogelheim <[email protected]> Cr-Commit-Position: refs/heads/main@{#1078534}
One addition to consider: To support the use case of "grab bag of elements and attributes", it would be nice to specify attributes as a simple list, just like the elements. E.g.:
This largely aligns with the existing proposal, but requires defining |
…pacesForTesting flag., a=testonly Automatic update from web-platform-tests [Sanitizer API] Remove SanitizerAPINamespacesForTesting flag. Remove SanitizerAPINamespacesForTesting flag and support code, to prepare for a new and different namespace-d content in Sanitizer proposal. Ref: WICG/sanitizer-api#181 Bug: 1225606 Change-Id: I13ad92898b28d56224c7a227b21390e927e86a17 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4051041 Reviewed-by: Yifan Luo <[email protected]> Reviewed-by: Koji Ishii <[email protected]> Reviewed-by: Anders Hartvoll Ruud <[email protected]> Commit-Queue: Daniel Vogelheim <[email protected]> Cr-Commit-Position: refs/heads/main@{#1078534} -- wpt-commits: ad194932af87b0503d32282520fcd10c8cc22243 wpt-pr: 37139
Why not flatten this out as |
Good question. That was actually in my original proposal. I thought that Peter was suggesting we remove the flattening and also use either a DOMString or an object with name + namespace like for elements, but maybe I am just imaging that now. I am open to both solutions. Aside: My personal opinion is that as long as we can use just a string for what I suspect is the most common use case, the explicit syntax with namespaces doesn't matter much to me. At that point I would even accept |
We just had a sanitizer meeting and I think we all comfortable with using syntax proposed in the initial #181 (comment).
|
(If |
We discussed this again in the call and agree on this syntax. |
Updated WebIDL based on what was discussed in #199. This doesn't quite match #196, because that seems to contain the star "*" syntax again, which AFAIK didn't really go into. dictionary SanitizerElementNamespace {
required DOMString name;
DOMString? _namespace = "http://www.w3.org/1999/xhtml";
};
// Used by "elements"
dictionary SanitizerElementNamespaceWithAttributes : SanitizerElementNamespace {
sequence<SanitizerAttribute> attributes;
sequence<SanitizerAttribute> removeAttributes;
};
typedef (DOMString or SanitizerElementNamespace) SanitizerElement;
typedef (DOMString or SanitizerElementNamespaceWithAttributes) SanitizerElementWithAttributes;
dictionary SanitizerAttributeNamespace {
required DOMString name;
DOMString? _namespace = null;
};
typedef (DOMString or SanitizerAttributeNamespace) SanitizerAttribute;
dictionary SanitizerConfig {
sequence<SanitizerElementWithAttributes> elements;
sequence<SanitizerElement> removeElements;
sequence<SanitizerElement> replaceWithChildrenElements;
sequence<SanitizerAttribute> attributes;
sequence<SanitizerAttribute> removeAttributes;
boolean customElements;
boolean unknownMarkup; // Name TBD!
boolean comments;
}; Edit: 16 October. Removed Sanitizer |
Thank you @evilpie for putting that together!
|
So what would happen for
I forget about that... I just looked at our notes and we did decide that! I've updated the IDL.
Makes sense to me. I just kept that.
|
Anne pointed out that it's apparently possible to create elements with a null namespace in XML or explicitly via the API |
|
…io,freddyb The new proposed WebIDL is at WICG/sanitizer-api#181 (comment). Sadly we don't have a real spec for this yet. Luckily this is mostly just a renaming. The biggest change is that every <element> in elements: now has a list of allowed and removed attributes. Differential Revision: https://phabricator.services.mozilla.com/D193642
…io,freddyb The new proposed WebIDL is at WICG/sanitizer-api#181 (comment). Sadly we don't have a real spec for this yet. Luckily this is mostly just a renaming. The biggest change is that every <element> in elements: now has a list of allowed and removed attributes. Differential Revision: https://phabricator.services.mozilla.com/D193642
…io,freddyb The new proposed WebIDL is at WICG/sanitizer-api#181 (comment). Sadly we don't have a real spec for this yet. Luckily this is mostly just a renaming. The biggest change is that every <element> in elements: now has a list of allowed and removed attributes. Differential Revision: https://phabricator.services.mozilla.com/D193642 UltraBlame original commit: 8c7aa601f08a38022d337a34788b7e75e5ca4aed
…io,freddyb The new proposed WebIDL is at WICG/sanitizer-api#181 (comment). Sadly we don't have a real spec for this yet. Luckily this is mostly just a renaming. The biggest change is that every <element> in elements: now has a list of allowed and removed attributes. Differential Revision: https://phabricator.services.mozilla.com/D193642 UltraBlame original commit: 8c7aa601f08a38022d337a34788b7e75e5ca4aed
…io,freddyb The new proposed WebIDL is at WICG/sanitizer-api#181 (comment). Sadly we don't have a real spec for this yet. Luckily this is mostly just a renaming. The biggest change is that every <element> in elements: now has a list of allowed and removed attributes. Differential Revision: https://phabricator.services.mozilla.com/D193642 UltraBlame original commit: 8c7aa601f08a38022d337a34788b7e75e5ca4aed
We have been working on a new syntax that doesn't involve any micro syntax for namespaces, but instead either supports just a string (with an implicit default namespace) or an object/dictionary with an explicit name and namespace.
1. Use case: Elements with no namespace (HTML)
2. Use case: Mixing elements from different namespaces
3. Use case: Attribute + elements
4. Use case: Allow some attribute on any element (e.g. global attributes)
5. Use case: Allowing all attributes on a specific element
For this we aren't sure about the syntax.
6. Use case: Non-null attribute namespace
The text was updated successfully, but these errors were encountered: