Closed mozfreddyb closed 2 years ago
Thank you! Do you have any insight into when Firefox will be making this a stable feature? setHTML()
fulfills most of my use cases, so I'm very grateful. =D
Is this readme text still correct? https://github.com/mozilla/eslint-plugin-no-unsanitized/blob/main/README.md?plain=1#L8
I'm adjusting the readme in #204. (Discussions about the Sanitizer API should best happen someplace else. But the TLDR is: It's going to take a while :))
No worries, I wasn't sure if I was right. I reviewed the PR and it looks good; I left a comment. :)
197 requested support for the built-in Sanitizer API.
As one of the co-editors, I know that only
element.setHTML()
is stable enough for support.sanitizeFor()
has been removed from Gecko and we still have not reached consensus on how to spec & shipsanitize()
. So this commit doesn't completely fix #197 and will require future work if we end up shipping more than just setHTML.