- From: Krzysztof Kotowicz <notifications@github.com>
- Date: Wed, 06 Nov 2019 05:42:06 -0800
- To: whatwg/dom <dom@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 6 November 2019 13:42:13 UTC
Referring to the proposal of having a slot for URLs and text in a script element (to avoid patching DOM mutation algos), that we discussed offline, I took a look at this, and there's a small set of [remaining](https://w3c.github.io/webappsec-trusted-types/dist/spec/#enforcement-in-sinks) attribute sinks (inline event handlers + svg scripts + object/embed attrs + srcdoc). These would likely need to get the same treatment, but at least the number of them is manageable. I'll look into it. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/dom/issues/789#issuecomment-550313630
Received on Wednesday, 6 November 2019 13:42:13 UTC