Re: [blink-dev] Re: Intent to Ship: setHTMLUnsafe and parseHTMLUnsafe

2024-02-21 Thread Daniel Bratell
Never mind. My mail was backed up and I hadn't seen that it was already approved, thus no longer on the list. All is well, and my LGTM1 is actually a bonus LGTM4 /Daniel On 2024-02-21 17:23, Daniel Bratell wrote: This doesn't show up in the shipping status in chromestatus so it's not on

Re: [blink-dev] Re: Intent to Ship: setHTMLUnsafe and parseHTMLUnsafe

2024-02-21 Thread Daniel Bratell
This doesn't show up in the shipping status in chromestatus so it's not on our radar. My LGTM1 still stands, but it can easily be forgotten, and we might miss some important review step, if it's not there. /Daniel On 2024-02-16 18:14, Joey Arhar wrote: > Is this the relevant explainer

Re: [blink-dev] Re: Intent to Ship: setHTMLUnsafe and parseHTMLUnsafe

2024-02-21 Thread Daniel Bratell
LGTM1 /Daniel On 2024-02-16 18:14, Joey Arhar wrote: > Is this the relevant explainer (referenced from the PR below): https://github.com/WICG/sanitizer-api/blob/main/explainer.md Yes, as far as I know. > This seems positive, right? Whoops, meant to put positive. I updated the chromestatus.

Re: [blink-dev] Re: Intent to Ship: setHTMLUnsafe and parseHTMLUnsafe

2024-02-21 Thread Manuel Rego Casasnovas
LGTM3 On 21/02/2024 07:48, Yoav Weiss (@Shopify) wrote: LGTM2 On Wednesday, February 21, 2024 at 6:19:50 AM UTC+1 Domenic Denicola wrote: LGTM1. I recall these methods getting lots of good design review and discussion in the PR, from multiple parties. I'm excited to see them ship.

Re: [blink-dev] Re: Intent to Ship: setHTMLUnsafe and parseHTMLUnsafe

2024-02-20 Thread Yoav Weiss (@Shopify)
LGTM2 On Wednesday, February 21, 2024 at 6:19:50 AM UTC+1 Domenic Denicola wrote: > LGTM1. I recall these methods getting lots of good design review and > discussion in the PR, from multiple parties. I'm excited to see them ship. > > Thanks Luke for spotting the trusted types interaction, and

Re: [blink-dev] Re: Intent to Ship: setHTMLUnsafe and parseHTMLUnsafe

2024-02-20 Thread Domenic Denicola
LGTM1. I recall these methods getting lots of good design review and discussion in the PR, from multiple parties. I'm excited to see them ship. Thanks Luke for spotting the trusted types interaction, and fixing it! On Saturday, February 17, 2024 at 2:15:09 AM UTC+9 Joey Arhar wrote: > > Is

Re: [blink-dev] Re: Intent to Ship: setHTMLUnsafe and parseHTMLUnsafe

2024-02-16 Thread Joey Arhar
> Is this the relevant explainer (referenced from the PR below): https://github.com/WICG/sanitizer-api/blob/main/explainer.md Yes, as far as I know. > This seems positive, right? Whoops, meant to put positive. I updated the chromestatus. > Both of these look like "Shipped/Shipping", per

Re: [blink-dev] Re: Intent to Ship: setHTMLUnsafe and parseHTMLUnsafe

2024-02-15 Thread Luke
Just to keep everyone up to date, you can disregard my remarks above. I've landed a patch which addresses the lack of trusted types protection, thanks for the quick review Joey. Regards, Luke On Wednesday, February 14, 2024 at 10:49:23 PM UTC Luke wrote: > Hi, > > In its current form

Re: [blink-dev] Re: Intent to Ship: setHTMLUnsafe and parseHTMLUnsafe

2024-02-14 Thread Luke
Hi, In its current form Chromium's implementation of these functions bypasses trusted types protection. The below WPT tests cover this behaviour: https://wpt.fyi/results/trusted-types/block-string-assignment-to-ShadowRoot-setHTMLUnsafe.html?label=experimental=master

Re: [blink-dev] Re: Intent to Ship: setHTMLUnsafe and parseHTMLUnsafe

2024-02-14 Thread 'Vladimir Levin' via blink-dev
On Wed, Feb 14, 2024 at 1:53 PM Jeffrey Yasskin wrote: > Non-API-owner opinions inline: > > On Wed, Feb 14, 2024 at 1:42 PM 'Vladimir Levin' via blink-dev < > blink-dev@chromium.org> wrote: > >> I just had some clarifying questions >> >> On Wed, Feb 14, 2024 at 1:13 PM Joey Arhar wrote: >> >>>

Re: [blink-dev] Re: Intent to Ship: setHTMLUnsafe and parseHTMLUnsafe

2024-02-14 Thread Jeffrey Yasskin
Non-API-owner opinions inline: On Wed, Feb 14, 2024 at 1:42 PM 'Vladimir Levin' via blink-dev < blink-dev@chromium.org> wrote: > I just had some clarifying questions > > On Wed, Feb 14, 2024 at 1:13 PM Joey Arhar wrote: > >> Some additional notes: >> - This API is tested in the declarative

Re: [blink-dev] Re: Intent to Ship: setHTMLUnsafe and parseHTMLUnsafe

2024-02-14 Thread 'Vladimir Levin' via blink-dev
I just had some clarifying questions On Wed, Feb 14, 2024 at 1:13 PM Joey Arhar wrote: > Some additional notes: > - This API is tested in the declarative ShadowDOM tests in interop2024, > and it is counting against us to not have it enabled by default. > - The future sanitization options will

[blink-dev] Re: Intent to Ship: setHTMLUnsafe and parseHTMLUnsafe

2024-02-14 Thread Joey Arhar
Some additional notes: - This API is tested in the declarative ShadowDOM tests in interop2024, and it is counting against us to not have it enabled by default. - The future sanitization options will be added as an optional second parameter to both methods, so there will not be any compat issues