Open foolip opened 1 month ago
This makes sense.
I held off because we will need to implement some security features first.
First, we will want to use something like https://github.com/microcosm-cc/bluemonday to sanitize the field. (I trust web-features but want to be extra careful)
In the lit app, we can then use unsafeHTML
Also, in the frontend server, we will want to add some Content-Security-Policy header
In web-features,
description
is plaintext, whiledescription_html
can have<code>
and other markup for improved readability.In the case of https://webstatus.dev/features/text-wrap-balance, "text-wrap: balance" is wrapped in
<code>
which makes it clear thattext-wrap: balance
is the syntax for this.