-
Notifications
You must be signed in to change notification settings - Fork 22.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The getHTML()
, setHTMLUnsafe()
, and parseHTMLUnsafe()
methods are missing
#32731
Comments
After mdn/browser-compat-data#22866 is merged all of the compat data entries will be set up for any pages added for the various new APIs mentioned. #33141 - seeks to remove the setHTML (and associated documents) content, as it's not helpful imo. |
Btw getHTML has been merged into the spec: https://html.spec.whatwg.org/multipage/dynamic-markup-insertion.html#html-serialization-methods and has an intent to ship in Chromium |
Copying @pepelsbey, @hamishwillee, and @chrisdavidmills to put this on your radar. We're including this in our ongoing Firefox release work. |
Related Firefox bugs:
|
This issue should be reopened it's not fully addressed yet and nor will it be when my second PR is merged. |
@lukewarlow So normally the MDN team do docs, compatibility data, and release note, along with experimental features page update for new stuff behind a preference. If you need any help with any of that, or getting reviews done, feel free to add a note here pinging me with what help you could use from me. |
A release note as well as an experimental features entry, for getHTML would be useful. #33492 could also do with a review on this one. The pages aren't exhaustive but I consider them good enough for an initial entry. Then someone from the docs team can add more detail when they get time. The compat data for these features is all done I believe. |
@mfreed7 I've tagged you with a couple of comments in the linked items.
|
I think "deprecated" doesn't make sense for |
I strongly believe removing the docs would be the most useful approach for developers. But policies prevent that happening. |
Yes in essence there's a safe and an unsafe pairing for setHTML and parseHTML. Eventually they'll both behave simiarly except that setHTML enfoces a "safe" baseline config. Whereas the unsafe variants will allow you to do unsafe things such as creating script elements. These new functions need to exist for two reasons. Declarative shadow dom isn't supported by innerHTML (or any of the existing parser entry points), that's the main difference for now. But in future it needs to be a function so you can pass an argument to it (the sanitizer config). So for now our best bet is to just mention the declarative shadow dom support. |
So this sounds like a technical issue with MDN, right? The state of
Exactly right. "Unsafe" === "Unsanitized" in this case. It does roughly the same thing as
Not quite. If you clone a node that contains a shadow root that is
Correction: "the new copy will have no shadow root". I.e. with |
Also note that a lot of conversation about |
Thanks @mfreed7
The thing is that
So to be clear on our terminology here,
So what you are saying is that the ShadowRoot belonging to a node is always deep cloned if it is cloned at all, but other child nodes are cloned according to the value of
Thanks. This seems to match my new mental model. Could be completely wrong. I wrote a similar comment to this in the issue that is now merged. If it seems wrong let me know. |
Note, I have marked this as done. Note however that I hope to perhaps clean up setHTML() as well via BCD deletion. That would be separate job though. |
@hamishwillee Do you still want to track that in this issue or separate issue? |
I still want to track this here please. |
I am closing this. Kicked off the removal of the sanitizer API stuff in #35238 |
MDN URL
https://developer.mozilla.org/en-US/docs/Web/API/Web_components/Using_shadow_DOM#declaratively_with_html
What specific section or headline is this issue about?
Several APIs related to declarative shadow DOM serialization and parsing
What information was incorrect, unhelpful, or incomplete?
There are several APIs that are not documented at all on MDN:
getHTML()
setHTMLUnsafe()
parseHTMLUnsafe()
serializable
andshadowrootserializable
And the
setHTML()
method is documented, here, but that one isn't yet standardized or shipped anywhere. Perhaps worth removing or marking as such.What did you expect to see?
Documentation
Do you have any supporting links, references, or citations?
setHTMLUnsafe()
andparseHTMLUnsafe()
are specified here:The
getHTML()
method and theserializable
/shadowrootserializable
concept will be in the spec once this spec PR lands:Do you have anything more you want to share?
No response
The text was updated successfully, but these errors were encountered: