- From: Maciej Stachowiak <mjs@apple.com>
- Date: Tue, 08 Dec 2009 07:55:56 -0800
- To: David Lindsay <thornmaker@gmail.com>
- Cc: gaz Heyes <gazheyes@gmail.com>, Adam Barth <w3c@adambarth.com>, Daniel Glazman <daniel@glazman.org>, Thomas Roessler <tlr@w3.org>, public-web-security@w3.org
On Dec 8, 2009, at 7:43 AM, David Lindsay wrote: > On Tue, Dec 8, 2009 at 10:07, Maciej Stachowiak <mjs@apple.com> wrote: > >> Another possibility is to specifically blacklist the use of the >> contents of >> the "value" attribute in attribute selectors for elements in the HTML >> namespace. Either all elements, or specifically input elements, or >> more >> specifically input elements of type password or hidden. >> I think that is better than making attribute selectors not work >> with those >> elements at all. People validly use attribute selectors on form >> controls >> based on the "type" attribute to style them. >> Regards, >> Maciej >> > > Are there any legitimate use cases for selecting an element based on > the value attribute? I think some solution like this is the direction > we should be looking. Maybe based on *presence* of the value attribute (i.e. [value]) but I cannot think of any valid use cases based on contents of the value attribute ([value*=a]). Regards, Maciej
Received on Tuesday, 8 December 2009 15:56:31 UTC