[Bug 14254] New: insertText has to handle things like \r, \0, etc. sanely from bugzilla@jessica.w3.org on 2011-09-22 (public-webapps@w3.org from July to September 2011)

From: <bugzilla@jessica.w3.org>
Date: Thu, 22 Sep 2011 21:19:49 +0000
To: public-webapps@w3.org
Message-ID: <bug-14254-2927@http.www.w3.org/Bugs/Public/>

http://www.w3.org/Bugs/Public/show_bug.cgi?id=14254

           Summary: insertText has to handle things like \r, \0, etc.
                    sanely
           Product: WebAppsWG
           Version: unspecified
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: minor
          Priority: P2
         Component: HTML Editing APIs
        AssignedTo: ayg@aryeh.name
        ReportedBy: ayg@aryeh.name
         QAContact: sideshowbarker+html-editing-api@gmail.com
                CC: mike@w3.org, public-webapps@w3.org


What should happen if you do document.execCommand("inserttext", false, "\0") or
something like that?  That won't serialize to text/html.  Presumably the input
needs to be sanitized somehow, but how?  The brute-force option is to say you
have to apply a function that works like

  function normalizeText(text) {
    var span = document.createElement("span");
    span.textContent = text;
    span.innerHTML = span.innerHTML;
    return span.innerHTML;
  }

This will work, but is there a simpler way?  It would be pretty ridiculous to
require calling the HTML parsing and serialization algorithms here.  I could
just require that the results be the same, but that invites bugs.

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

Received on Thursday, 22 September 2011 21:19:55 UTC