Re-work configuration handling and sanitize-core.#296
Conversation
|
I think in set a configuration we should first handle |
1fc4830 to
16add11
Compare
|
I have updated the "Configuration Invariants" chapter (but not the actual algorithms) to match our discussion from last Wednesday: https://pr-preview.s3.amazonaws.com/otherdaniel/purification/pull/296.html#invariants I'd be happy for a rough review whether this matches what we discussed. If so, I'll update the algorithm parts next. |
|
Adding these tables to the spec is a good idea.
I would word this as
to make it clearer that this is a strict list. I don't think we need "not in the global remove list" in the first sentences, as this is already enforced by the second.
I misunderstood this the first time when reading. Maybe "All custom data attributes are allowed..." would help? Not sure. |
I am wondering if we should change this to just "must be absent". A config like |
16add11 to
c178053
Compare
Done. |
Done. Also added a sentence that the global remove list might apply elsewhere.
Done. |
|
I think this latest version represents the current group thinking; and I hope I've incorporated all feedback. This ends up being more complicated than what is proposed in #294, but largely because there's a few more edge cases this needs to handle. (E.g. neither |
|
Did another pass. I think I've handled all the feedback, but admittedly I haven't been terribly good at marking things as resolved, which makes the comment list here a bit unwiedly. Anything I've overlooked? |
I don't think it can be helped, we have to go through the comments and resolve them. |
|
Sorry, I tried to comment on some of the older comments and Github totally didn't like that. |
|
With the current text in this PR we won't throw for duplicate names in a Sanitizer config, but I think we decided to throw for these cases. new Sanitizer({ elements: ["br", "br"] }); |
Yes, that's how I remember it too. [=valid=] now checks for dupes (and thus the constructor will throw on them), while [=canonicalize=] will just copy all elements (without eliminating dupes). |
I think I found them: :-) |
|
Great work. I read through everything again and it looks good to me. It's quite possible that I will find something when updating the implementation in Firefox, but that IMO shouldn't block this from landing. Like Daniel, I would prefer tracking problems as individual smaller issues. |
annevk
left a comment
There was a problem hiding this comment.
By-and-large this looks okay to me, but there's many editorial bits to follow-up on.
SHA: 283218f Reason: push, by mozfreddyb Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…idl,smaug Implements WICG/sanitizer-api#296 Differential Revision: https://phabricator.services.mozilla.com/D247299
This PR is meant to capture our recent discussion. It surely needs more editing; but I think the general structure is there. I'd be particularly interested in quick feedback on whether this accurately captures the discussion consensus.
This re-writes config handling and sanitize-core based on 2025-05-28 and 2025-05-14 meeting discussion. This would replace #285.
Since we couldn't quite agree on whether redundent global attribute and per-element attribute definitions should be considered an error, I have tried to cover both. Where they differ, a statement "IF DISALLOW REDUNDANT PER-ELEMENT-ATTRIBUTES" contains the additional checks needed to disallow this.
Preview | Diff