- From: Erik Dahlström <ed@opera.com>
- Date: Tue, 11 Feb 2014 13:44:04 +0100
- To: www-svg@w3.org, "Miles Elam" <mcelam@google.com>
The SVG WG discussed this issue at the most recent F2F meeting, see minutes here[1] It was resolved that <switch> should not affect <script> processing, and the SVG2 spec has been updated to state this[2]. Thank you for your feedback. [1] http://www.w3.org/2014/01/30-svg-minutes.html#item02 [2] https://svgwg.org/svg2-draft/struct.html#SwitchElement On Fri, 17 Jan 2014 01:01:40 +0100, Miles Elam <mcelam@google.com> wrote: > Example URL: > http://jsbin.com/ABOzeDAR/2 > > Alert box shown even though the script tag should be in a deactivated > portion of the switch element. > > I was exploring this as a way of getting IE SMIL support to work by > enabling the FakeSmile (SMIL polyfill) script only when the > declarative animation feature is missing, i.e., 'switch' with > requiredFeatures="http://www.w3.org/TR/SVG11/feature#Animation". > Unfortunately, Chrome, FireFox, and Safari all execute the script > regardless of placement whereas purely visual elements work as > expected when placed in the switch. > > I found this unintuitive. As a Mozilla contributor noted, "‘script’ > should actually only be valid if it is a child of ‘a’, ‘defs’, > ‘glyph’, ‘g’, ‘marker’, ‘missing-glyph’, ‘pattern’, ‘svg’, and > ‘symbol'. By the letter of the svg specification therefore it should > be ignored even if it is the active child of a switch (unless you made > the script the child of a valid container like an svg or g element)." > > So I may have been in error in trying the script tag in the switch > element, but given that it's invalid either way, I find it troubling > that a script gets executed regardless of context. > > The spec would do well to have the behavior codified. Also, is there > any proposal for incorporating such polyfills without scripting? I > though I had found one with the switch element, but obviously not in > practice. > > One of my goals was to have an easily validated SVG model that was > purely declarative, meaning in this case SVG + SMIL. Once event > handlers, script tags, and executable data URIs enter in the picture, > the potential exploit surface becomes vastly larger. The introduction > of the SMIL polyfill was only meant to be limited pragmatism toward > Microsoft's...shall we say independence. > > I'd like to use declarative feature detection, but as it stands I'm > stuck with adding the script everywhere or doing server side > modification by user agent sniffing, i.e., non-optimal, and there is > no guidance here with regard to a spec that I can refer to during bug > reports. > > > Cheers, > > Miles Elam > > -- Erik Dahlstrom, Web Technology Developer, Opera Software Co-Chair, W3C SVG Working Group
Received on Tuesday, 11 February 2014 12:44:42 UTC