- From: Mirko Brodesser <notifications@github.com>
- Date: Mon, 08 Apr 2024 03:21:46 -0700
- To: whatwg/webidl <webidl@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <whatwg/webidl/pull/1392/review/1986017273@github.com>
@mbrodesser-Igalia commented on this pull request. > @@ -10259,6 +10261,39 @@ that does specify [{{SecureContext}}]. </pre> </div> +<h4 id="StringContext" extended-attribute lt="StringContext">[StringContext]</h4> + +If the [{{StringContext}}] [=extended attribute=] appears on {{DOMString}} or {{USVString}}, it +modifies how the value is converted to the IDL type, causing additional value validation to +adhere to the context the string is used in. + +The [{{StringContext}}] extended attribute must [=takes an identifier|take an identifier=]. The [=identifier=] +must be one of "<code>TrustedHTML</code>", "<code>TrustedScript</code>", and "<code>TrustedScriptURL</code>". + +The [{{StringContext}}] extended attribute may only annotate a type of a [=regular attribute=] or +a [=regular operation=] argument. A type annotated with the [{{StringContext}}] +extended attribute must not appear in a [=read only=] attribute. + +A type that is not {{DOMString}} or {{USVString}} must not be [=extended attributes associated with|associated with=] > https://w3c.github.io/trusted-types/dist/spec/#setting-slot-values - does require use of `ScriptString?` so this might need updating to account for it. Btw, Chromium doesn't reflect the spec here (https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/renderer/core/html/html_script_element.idl;l=24-52;drc=d1cf902be6fc9ae8654fe5a6c466dfb51f782197). -- Reply to this email directly or view it on GitHub: https://github.com/whatwg/webidl/pull/1392#discussion_r1555583898 You are receiving this because you are subscribed to this thread. Message ID: <whatwg/webidl/pull/1392/review/1986017273@github.com>
Received on Monday, 8 April 2024 10:21:50 UTC