LGTM2
/Daniel
On 2022-06-01 14:48, Yoav Weiss wrote:
LGTM1 % explainer update
On Wed, Jun 1, 2022 at 12:55 PM Daniel Vogelheim
<[email protected]> wrote:
On Wed, Jun 1, 2022 at 11:47 AM Yoav Weiss
<[email protected]> wrote:
On Wed, Jun 1, 2022 at 11:09 AM Daniel Vogelheim
<[email protected]> wrote:
Contact emails
[email protected], [email protected], [email protected]
Explainer
https://github.com/WICG/sanitizer-api
https://web.dev/sanitizer
Specification
https://wicg.github.io/sanitizer-api
Docs
https://web.dev/sanitizer
https://developer.mozilla.org/en-US/docs/Web/API/HTML_Sanitizer_API
Summary
The Sanitizer API offers an easy to use and safe by
default HTML Sanitizer API, which developers can use to
remove content that may execute script from arbitrary,
user-supplied HTML content. The goal is to make it easier
to build XSS-free web applications. The intended
contributions of the Sanitizer API are: Making a sanitizer
more easily accessible to web developers; be easy to use
and safe by default; and shift part of the maintenance
burden to the platform. This is the initial "MVP". This
implements the current spec except for two features, the
.sanitize and .sanitizeFor methods on the Sanitizer
object, in order to leave room for more discussion. Our
intent is to add the missing features once the discussion
has run its course. In all other aspects, this launch
faithfully implements the spec as currently written. We
feel the current implementation already adds substantial
value to the web platform as-is.
So will this only support the `setHTML()` option initially?
Yes, exactly.
It'd be good to update the explainer to indicate that more clearly.
Right now, `setHTML()` is not well-represented there. We should also
make sure that developers don't assume that the existence of a
`Sanitizer` object implies the existence of `Saintizer.sanitize` and
feature-detect for it.
Blink component
Blink>SecurityFeature>SanitizerAPI
<https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3ESecurityFeature%3ESanitizerAPI>
TAG review
https://github.com/w3ctag/design-reviews/issues/619
TAG review status
Issues addressed
Risks
Interoperability and Compatibility
This is a new API that does not modify existing behaviour.
A comprehensive WPT test suite ensures cross-browser
compatibility.
/Gecko/: In development
(https://github.com/mozilla/standards-positions/issues/106)
Standards Position:
https://github.com/mozilla/standards-positions/issues/106
A prototype is In development:
https://groups.google.com/g/mozilla.dev.platform/c/C4EHeQlaMbU/m/C8hNg9ehBwAJ
/WebKit/: No signal
(https://lists.webkit.org/pipermail/webkit-dev/2021-March/031731.html,
https://lists.webkit.org/pipermail/webkit-dev/2022-March/032155.html)
A position statement has been requested. The answer
received to date (2021-03-18) avoids giving a definite
answer one way or another. Please follow the links for
details.
/Web developers/: Positive. There have been several
articles or blog posts about the Sanitizer API, with a
generally positive undertone. Examples:
https://portswigger.net/daily-swig/google-mozilla-close-to-finalizing-sanitizer-api-for-chrome-and-firefox-browsers
https://blog.bitsrc.io/javascript-sanitizer-api-the-modern-way-to-safe-dom-manipulation-828d5ea7dca6
https://css-tricks.com/html-sanitizer-api/
Security
The goal of this feature is to make security more
accessible. We generally consider this feature low risk,
since it's an additive feature that does not extend or
interact with existing platform security mechanisms. The
specification lists several security risks that are being
considered during development of the feature:
https://wicg.github.io/sanitizer-api/#security-considerations
WebView application risks
n/a
Debuggability
Sanitizer API can be readily debugged with existing
DevTools. It does not have hidden state (or other
"special" integration) that would warrant customized
DevTools support.
Will this feature be supported on all six Blink
platforms (Windows, Mac, Linux, Chrome OS,
Android, and Android WebView)?
Yes
Is this feature fully tested by web-platform-tests
<https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md>?
Yes
Flag name
SanitizerAPIv0
Requires code in //chrome?
False
Tracking bug
https://crbug.com/1101982
Launch bug
https://crbug.com/1306863
Measurement
Several counters for API calls are defined. (E.g.
https://source.chromium.org/search?q=MeasureAs%3DSanitizerAPI%20file:%5C.idl$
<https://source.chromium.org/search?q=MeasureAs%3DSanitizerAPI+file%3A%5C.idl%24>
)
Estimated milestones
105
Anticipated spec changes
The plan of record is to migrate the current WICG spec to
HTML proper: *
https://github.com/WICG/sanitizer-api/issues/114
* https://github.com/whatwg/html/issues/7197
Two apparently contentious API choices were removed from
this launch, which is what makes this an MVP. By making
sure the MVP only contains agreed upon APIs we allow for
the future evolution of the API in any direction.
* https://github.com/WICG/sanitizer-api/issues/129
* https://github.com/WICG/sanitizer-api/issues/128
The present spec requires a secure context. This might be
dropped in a future version.
* https://github.com/WICG/sanitizer-api/issues/122
The present spec does not support namespaced content (like
SVG or MathML). This is likely to be added in a future
version.
Link to entry on the Chrome Platform Status
https://chromestatus.com/feature/5786893650231296
This intent message was generated by Chrome Platform
Status <https://chromestatus.com/>; plus manual editing.
--
You received this message because you are subscribed to
the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails
from it, send an email to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CALG6KPNZ1TE5wbApR4-scTLjwKT54vzB_FLjnqbLLth%2BJmLpUQ%40mail.gmail.com
<https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CALG6KPNZ1TE5wbApR4-scTLjwKT54vzB_FLjnqbLLth%2BJmLpUQ%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
You received this message because you are subscribed to the Google
Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAL5BFfWfCzrDG6-pBY8ChT6A_8%2BbKiPePp%2BCsgADY9vv9rQiQA%40mail.gmail.com
<https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAL5BFfWfCzrDG6-pBY8ChT6A_8%2BbKiPePp%2BCsgADY9vv9rQiQA%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
You received this message because you are subscribed to the Google Groups
"blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/7d8da455-19fc-5b85-eed3-8842c409ea97%40gmail.com.
