Adds TrustedTypePolicyFactory #3192
This looks generally good. My feedback is a mix of nits and some questions about things I think need to be elaborated on or clarified.
…x.html Co-authored-by: Joe Medley <[email protected]>
@jpmedley I had a few comments on some of your comments but the other things are done.
|
||
<p class="summary">The <strong><code>createPolicy()</code></strong> method of the {{domxref("TrustedTypePolicyFactory")}} interface creates a {{domxref("TrustedTypePolicy")}} object that implements the rules passed as <code>policyOptions</code>.</p> | ||
|
||
<h3 id="Default_policy">The default policy</h3> |
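Review bot: The summary paragraph mentions only `policyOptions`, while the section opened by the `Default_policy` heading turns on the policy's name (the thread below describes the default as a policy created with the name "default"). Consider having the summary say that the method creates a policy with a given name that implements the rules passed as `policyOptions`, so the default-policy section has an argument to refer back to.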
I hate to throw this back at you again, but this needs to have information that aspects of the default policy are non-normative and specific to Chrome. This kind of thing is not unprecedented on MDN. If a normative approach emerges in the future, Chrome will likely be the first to implement it, giving us the chance to update this.
I don't really understand what you want me to do here or where this non-normative information is from that you want me to include. I've searched the spec, for all instances of defaultPolicy, and I seem to have documented this according to the spec.
I also looked at the open issues on the spec: https://github.com/w3c/webappsec-trusted-types/issues
I did note in my original comment on this that I didn't understand your non-normative comment: #3192 (comment)
What aspect are you suggesting is specific to Chrome? Given that only Chromium has implemented it, I can't test it to find out what other UAs are doing to try and work this out myself.
If you can let me know where you have this Chromium-specific info from I'll fold it in :)
https://w3c.github.io/webappsec-trusted-types/dist/spec/#default-policy-hdr
- Somewhere say that the default is currently set in Chrome by creating a policy with the name "default". If another browser implements this differently, they'll have a logical place to document it. If Chrome's current behavior is ratified, we'll be able to remove the word 'Chrome' from the description.
- Include a disclaimer that this isn't settled in the spec and may change in the future.
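The behaviour discussed in this thread, setting the default by creating a policy with the name "default", shown as an added example that is not code from the PR, from MDN or from any participant. The helper name `registerDefaultPolicy`, the `ALLOWED_SCRIPT_ORIGINS` allowlist and the sample origin are assumptions made for illustration.

```javascript
// Added example: rules for a Trusted Types policy registered under the name "default".
// ALLOWED_SCRIPT_ORIGINS and its sample origin are constructed values.
const ALLOWED_SCRIPT_ORIGINS = new Set(['https://static.example.com']);

const defaultPolicyRules = {
  // Strings reaching HTML sinks (for example innerHTML) are escaped so the
  // markup is rendered as inert text instead of being parsed.
  createHTML(input) {
    return String(input).replace(/[&<>"']/g, (c) => `&#${c.charCodeAt(0)};`);
  },
  // Script URLs must be absolute and come from an allowlisted origin.
  // Returning null from the default policy makes the browser reject the
  // assignment when Trusted Types are enforced.
  createScriptURL(input) {
    try {
      const url = new URL(input);
      return ALLOWED_SCRIPT_ORIGINS.has(url.origin) ? url.href : null;
    } catch {
      return null; // relative or malformed URL
    }
  },
  // No plain string is ever promoted to executable script text.
  createScript() {
    return null;
  },
};

// Registers the rules under the name "default". Returns the policy, or null
// where the TrustedTypePolicyFactory is not available (for example in Node.js
// or in a browser without Trusted Types support).
function registerDefaultPolicy(factory = globalThis.trustedTypes) {
  if (!factory || typeof factory.createPolicy !== 'function') return null;
  return factory.createPolicy('default', defaultPolicyRules);
}

registerDefaultPolicy();
```

Enforcement still depends on the page's Content-Security-Policy: `require-trusted-types-for 'script'` turns the checks on, and a `trusted-types` directive, if present, has to list `default` for the registration to succeed.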
Done in latest commit, though I think that really the same could be said about pretty much any feature only implemented in one engine! Hence my general bemusement.
I understand your concern. This is a judgement call based on experience with very new APIs. We'll discuss this in our 1:1 this week. Thank you for trusting me.
Adds the TrustedTypePolicyFactory interface and subpages.
Spec: https://w3c.github.io/webappsec-trusted-types/dist/spec/#trusted-type-policy-factory
Reviewer: @jpmedley
Joe: the MDN helper returned some odd things for this one and didn't create one page, however the spec matches BCD in terms of which pages should exist. So I've followed that.