W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2011

Re: paste events and HTML support - interest in exposing a DOM tree?

From: Paul Libbrecht <paul@hoplahup.net>
Date: Mon, 2 May 2011 23:34:25 +0200
Message-Id: <E4534C20-E3AD-4B13-9060-F1450BF55CF0@hoplahup.net>
To: public-webapps <public-webapps@w3.org>
Hallvord,


Le 2 mai 2011 à 09:00, Hallvord R. M. Steen a écrit :
>> I am not at all against your proposal but I tend to see two reasons "against" it:
>> - I expect mostly the server to be providing the HTML, the javascript code does probably not need to process it further (they trust each other!)
> 
> I don't really understand this comment. We're talking about HTML that comes from the clipboard, not from the server.

I think this is not at all contradictory. In many of the scenarios I have working for, the content to be put on the clipboard would come from a "luxury" knowledge structure on the server, one that has access to some semantic source and can infer useful representations out of it; these get put to the clipboard. 
An offline HTML would also be an example of it.

Hence... I would not really need a DOM representation.

(however, I wonder if a timer is going to be honoured for such a query to be finished somehow).

>> - I suppose the security processing may be done under an optimized processing which is not really necessarily DOM-exposed
> 
> Maybe, maybe not. To sanitise something that will be inserted into a DOM structure, I would think the safest thing would be processing it according to DOM algorithms while sanitising too.

Sure.

paul
Received on Monday, 2 May 2011 21:34:56 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:45 GMT