search

w3c / trusted-types

A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
https://w3c.github.io/trusted-types/dist/spec/
Other
606 stars 74 forks source link

Rewrite metadata functions #457

Closed lukewarlow closed 5 months ago

lukewarlow commented 8 months ago

Fixes #456 and #423, and #474

Preview | Diff

lukewarlow commented 8 months ago

@mbrodesser-Igalia do you think you'd be able to give this a review?

mbrodesser-Igalia commented 8 months ago

@mbrodesser-Igalia do you think you'd be able to give this a review?

If this could wait until I actually start implementing it in Gecko, that might be most effective.

mbrodesser-Igalia commented 8 months ago

@mbrodesser-Igalia do you think you'd be able to give this a review?

If this could wait until I actually start implementing it in Gecko, that might be most effective.

Thorough reviews are time-consuming.

lukewarlow commented 6 months ago

@koto (and @annevk because you raised one of these related issues) what do you think of this?

lukewarlow commented 5 months ago

For the sake of keeping the spec moving I've made two new issues to track the remaining questions here and am going to get this merged in so we can remove the last StringContext attribute mentions. The whole spec needs an editorial run through and any issues here can be addressed as part of that or smaller follow ups.