Haven’t been following this closely enough to understand the overhead involved, but if it’s not big then retaining backwards compatibility in emulation should take priority IMO. For other component sets I wouldn’t say that.
From: Harbs<mailto:[email protected]> Sent: Sunday, December 12, 2021 2:12 PM To: [email protected]<mailto:[email protected]> Subject: Re: Sanitizing HTML (was Re: 0.9.9) > On Dec 12, 2021, at 11:30 AM, Harbs <[email protected]> wrote: > > Spark ButtonBase I just spent some time looking at this. It seems like Spark supported styling the button labels which is probably why innerHTML is used. https://stackoverflow.com/questions/15295129/flex-part-of-spark-button-bold-label <https://stackoverflow.com/questions/15295129/flex-part-of-spark-button-bold-label> So there’s two ways we can handle this: 1. Keep innerHTML, but sanitize the HTML. 2. Change Spark Buttons to only support plain text by default and add an html setter to be clear that it’s expecting HTML (which needs to be sanitized). I like 2 better, but that would not keep perfect backwards compatibility. Thoughts? Harbs
