- From: Ian Hickson <ian@hixie.ch>
- Date: Thu, 10 May 2012 22:31:02 +0000 (UTC)
- To: Erik Arvidsson <arv@chromium.org>
- cc: "Tab Atkins Jr." <jackalmage@gmail.com>, Anne van Kesteren <annevk@annevk.nl>, Yehuda Katz <wycats@gmail.com>, Jonas Sicking <jonas@sicking.cc>, Henri Sivonen <hsivonen@iki.fi>, Rafael Weinstein <rafaelw@google.com>, Webapps WG <public-webapps@w3.org>
On Thu, 10 May 2012, Erik Arvidsson wrote: > On Thu, May 10, 2012 at 3:18 PM, Ian Hickson <ian@hixie.ch> wrote: > > Yes, I understand that. But what's the use case? > > http://code.google.com/p/dart/source/search?q=new%5CsElement%5C.html%5C%28&origq=new%5CsElement%5C.html%5C%28&btnG=Search+Trunk > > I'm sure you can find a bunch of jQuery usages too. None of the examples I see there seem to be cases where the parsing code doesn't know what's going on ahead of time. As far as I can tell, they could all easily just take an argument saying what parse mode to use, and avoid all the problems of magically determining the parse mode; e.g. it would allow the examples inserting <style> blocks to insert the contents into existing <style> blocks instead of creating new ones, and it would not run the risk of the parse mode changing unexpectedly due to unescaped content in the various places that seem to be prone to injection attacks (though maybe the \${} syntax is some sort of magically autoescaping syntax? Though I don't see how it could be, it doesn't seem to have enough context either). -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Thursday, 10 May 2012 22:31:27 UTC