-
Notifications
You must be signed in to change notification settings - Fork 37
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add unsanitized
option to async clipboard API.
#197
Conversation
@evanstade Made spec changes for |
I would like the |
Tagging @EdgarChen in this PR as well. Could you please take a look if you are OK with this change? Thanks! |
Clarified in the latest iteration. |
index.bs
Outdated
|
||
1. If |formats| is not empty, then: | ||
|
||
1. If |formats|'s size is greater than 1, then [=reject=] |p| with {{"NotAllowedError"}} {{DOMException}} in |realm|. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Feels odd to me that the IDL is written to support more than one unsanitized format, but the algorithm wording is only structured to support exactly one sanitized format. Why not iterate over the whole list and reject if any of them are not in the allowed-to-be-sanitized list?
Also if more formats were added in the future, the set of permittable formats could vary by browser. How are sites to know which formats they can ask for? Is throwing an error the best way to deal with them asking for the wrong formats to be unsanitized, or should some format values just be ignored? If throwing an error, how does the site figure out which format(s) were in error?
I don't have a ton of experience with spec language/algos. Can you find a spec mentor to help with these questions?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Addressed these concerns in the latest iteration. Please let me know if I missed anything. Thanks!
index.bs
Outdated
@@ -841,7 +861,11 @@ url: https://w3c.github.io/permissions/#permissions-task-source; type: dfn; | |||
|
|||
Issue: It should be possible to read the data asynchronously from the system clipboard after the author calls getType, however, this set of steps implies that data will be provided at the time of read. | |||
|
|||
1. The user agent, MAY sanitize |representation|'s [=representation/data=], unless |representation|'s [=representation/MIME type=]'s essence is "image/png", which should remain unsanitized to preserve meta data. | |||
1. The user agent, MAY sanitize |representation|'s [=representation/data=], unless it satisfies the below conditions: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems like "sanitize" should be defined.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, I agree with you, but we spent almost a year and half trying to define sanitization, and neither Gecko nor Webkit wants to agree on a definition. At this point I think we just want to add unsanitized
option to this spec and leave the contentious algorithms out of the spec.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We don't have to necessarily define the exact steps that constitute hyopthetical sanitization, but it does seem that it would be useful to describe what it's not, because another way to word this text is: "The user agent MUST NOT sanitize the data if it satisfies the below conditions". So what exactly is the user agent not allowed to do, or must it do, if it's providing "unsanitized" data?
In particular, this came up in code review where, after some discussion, it was decided that the CFHTML fragment tags should be left in place. The spec should be clear about this so other vendors don't come to a different conclusion at the implementation step.
@evanstade I think the latest iteration addresses all your concerns, but please let me know if there is anything missing. I would like to restart the I2S process as I'm not receiving any response from Mozilla folks. |
Landing this PR. Please let me know if you have any comments and I'll address it in separate PRs. |
SHA: c1d37ae Reason: push, by snianu Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
SHA: c1d37ae Reason: push, by pull[bot] Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
It looks like some of the checkboxes in the issue template weren't completed before merging. Was that intentional? |
@zcorpan Sorry I created a new bug in Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1867331 |
"Implementation commitment" doesn't sound like just filing bugs but more about implementation interest 🤔, in that sense I'm not sure the checkboxes are correct. |
@saschanaz We have also filed a request for position: mozilla/standards-positions#769 |
That's nice, but my understanding of commitment is that there at least should be some interest. Having a bug does not mean an interest, right? |
@saschanaz right and in that case the bug can be resolved as "Won't fix" with a comment that the user agent is not interested in this feature, and the request for position should be marked accordingly. |
Sure. What I feel off here is the checkbox for Gecko is filled, when there's no public implementation commitment from Gecko. Edit: ... which means there should be only one filled checkbox for commitment, which should have blocked this PR from being merged I guess. |
@saschanaz We can remove it from the spec if we only have one implementor interest, but waiting indefinitely for a signal is probably not the right way to decide whether there is interest from a particular browser. If the official stance of Firefox is negative, then please let me know and I can revert this PR and create another PR and mark it as BLOCKED. That way if Firefox or Webkit changes their stance and decide to support this feature in the future, we can unblock the PR and merge it. |
I see your point, but then how are we going to track which part doesn't have implementer consensus and which part does? Having an open PR is easier for that and doing so automatically prevents any part of the spec without consensus from accidentally becoming CR. |
Note that the IDL and the language in the algorithms already allow non-supporting implementors to be in compliant with the spec while also allowing implementors who are interested in the new feature. I don't see any parts in the PR that is contentious unless I'm missing something? |
I'm talking about the general process rather than the PR itself. And also I don't think we'll want to add any kind of optional features without consensus, just because it's okay to not implement it. |
We spent over two years trying to get consensus on this API, but we couldn't. Safari has clearly stated their position, so since you commented that you are not in favor of an optional parameter, should I mark Firefox's position as negative? |
Our position will be announced in our standards-position issue probably by Edgar. I definitely see your frustration, but still I think merging PRs without consensus makes it hard to make sure every part of the spec has consensus (which is needed for recommendation track), and I see no benefits to merge it early. |
@saschanaz Let's discuss this in the EditingWG meeting which is going to happen next Thursday. Without any clear stance on this API, it's hard to assume whether we have consensus or not. If you can officially state your position before that, we can definitely revert the PR, else, we will have to decide what to do with it in the EditingWG meeting where hopefully someone from Firefox can give us clear official stance on this issue. Thanks! |
Closes #????
For normative changes, the following tasks have been completed:
Implementation commitment:
Preview | Diff