- From: Ryosuke Niwa <notifications@github.com>
- Date: Fri, 17 Sep 2021 23:18:37 -0700
- To: w3c/clipboard-apis <clipboard-apis@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Saturday, 18 September 2021 06:18:49 UTC
> > > The process of serializing "visible content" in the page we use for sanitization is also pretty difficult to (exactly) specify, since we rely on editing code in WebKit that determines which DOM positions are "visible" to the user (and, importantly, visually distinct from other such DOM positions) to figure out the range in the sanitized page that we should include in the final sanitized markup. For instance, if we're sanitizing Hello, we won't attempt to preserve the fact that there are nested div elements, since the first user-visible position is right before the "H" in the inner text node. > > You mentioned in our last working group meeting that Safari effectively does a "Select All" operation on the offscreen document and serializes the resulting range... did I get that right? I agree that editing heuristics relating to normalized selection positions would be hard to specify without some other foundational work coming first. My preference would be to understand what threat is being mitigated and see if we can propose a simpler step that could still mitigate the same threat. Fundamentally, I don't think this is something we want to standardize at this point in time. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/clipboard-apis/issues/150#issuecomment-922211803
Received on Saturday, 18 September 2021 06:18:49 UTC