[w3ctag/design-reviews] Early design review: Sanitizer API (#619) from Frederik Braun on 2021-03-23 (public-webapps-github@w3.org from March 2021)

From: Frederik Braun <notifications@github.com>
Date: Tue, 23 Mar 2021 06:42:00 -0700
To: w3ctag/design-reviews <design-reviews@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3ctag/design-reviews/issues/619@github.com>

I'm requesting an early design review of the [Sanitizer API](https://wicg.github.io/sanitizer-api/)

Provide a **browser-maintained** "ever-green", **safe**, and **easy-to-use** library for **user input sanitization** as part of the
general **web platform**.

  - Explainer: [<span class="underline">https://github.com/WICG/sanitizer-api/\#sanitization-explainer</span>](https://github.com/WICG/sanitizer-api/#sanitization-explainer)

  - Security and Privacy self-review: [<span class="underline">https://github.com/WICG/sanitizer-api/blob/master/security-questionnaire.md</span>](https://github.com/WICG/sanitizer-api/blob/master/security-questionnaire.md)

  - GitHub repo: [<span class="underline">https://github.com/WICG/sanitizer-api/</span>](https://github.com/WICG/sanitizer-api/)

  - Primary contacts:
      - Frederik Braun (@mozfreddyb), Mozilla, Co-Editor
      - Daniel Vogelheim (@otherdaniel), Google, Co-Editor
      - Yifan Luo (@iVanlIsh), Google, Co-Editor

  - Organization/project driving the design: Prototypes exist in Mozilla Firefox and Google Chrome and we intend to continue driving this.

- External status/issue trackers for this feature (publicly visible, e.g. Chrome Status):
    - [Meta bug for Firefox</span>](https://bugzilla.mozilla.org/show_bug.cgi?id=1650370)
    - [Chrome Status</span>](https://chromestatus.com/feature/5786893650231296)

Further details:

  - We have reviewed the TAG's <span class="underline">[Web Platform Design Principles](https://w3ctag.github.io/design-principles/).</span>

  - The group where the incubation/design work on this is being done: WICG

  - The group where standardization of this work is intended to be
    done: We intend to move this to the webappsec working group. The     draft is [<span class="underline">in scope for the current charter</span>](https://www.w3.org/2019/03/webappsec-2019-charter.html#scope)
    and to-be-renewed charter and [<span class="underline">has been discussed in a recent meeting</span>](https://github.com/w3c/webappsec/blob/main/meetings/2021/2021-02-16-minutes.md#sanitizer-api).

  - Existing major pieces of multi-stakeholder review or discussion of
    this design: N/A

  - Major unresolved issues with or opposition to this design:
    Currently none

  - This work is being funded by: Mozilla and Google

We'd prefer the TAG provide feedback as:
Please [open issues in our GitHub repo for **each point of feedback**](https://github.com/WICG/sanitizer-api/issues/new)

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/619

Received on Tuesday, 23 March 2021 13:42:12 UTC