254
edits
Platform/HTML5 sanitizer: Difference between revisions
→Gecko Requirements: Use one element whitelist instead of 3
(Microdata) |
(→Gecko Requirements: Use one element whitelist instead of 3) |
||
| Line 4: | Line 4: | ||
* Allow a setting for enabling comments. See {{bug|572642}} | * Allow a setting for enabling comments. See {{bug|572642}} | ||
** Or always enable comments? (What about "--" in comments?) | ** Or always enable comments? (What about "--" in comments?) | ||
* Have three element white lists: HTML, SVG and MathML. | * <s>Have three element white lists: HTML, SVG and MathML.</s> | ||
** This turns out to lead to a lot of complexity without clear benefit. | |||
* Have three attribute white lists: HTML, SVG and MathML. The attributes don't depend on the element they are on beyond the element namespace. | * Have three attribute white lists: HTML, SVG and MathML. The attributes don't depend on the element they are on beyond the element namespace. | ||
** XXX: Figure out what the requirements are for attributes starting with data- or _. | ** XXX: Figure out what the requirements are for attributes starting with data- or _. | ||