New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUGFIX] Allow DOMText and implicitly DOMCdataSection #72
Conversation
@ohader thanks for this. Do you have any concerns with leaving the escaped |
Escaped text is safe. If it wasn't, you'd have to remove or sanitize all text nodes. Serializing CDATA sections as CDATA sections is not safe in HTML since it's sometimes parsed as a bogus comment. |
@zcorpan Thanks for pointing that out. I just discovered your remarks in whatwg/html#4016 from 2018 as well... 😳 So basically
|
Recent change disallowed CDATA sections, however the actual fix would have been to disallow non SVG-elements when used inline in some HTML-context. Resolves: darylldoyle#70
CDATA sections are now converted to text nodes, containing encoded content only... and basically that's it. This text node conversion now is more explicit. |
Yeah, always replacing CDATA section nodes with text nodes is what I would suggest. |
@darylldoyle Can you merge this PR please and tag a new |
@darylldoyle Awesome! Thanks a bunch! 👍 |
Recent change disallowed CDATA sections, however the actual fix
would have been to disallow non SVG-elements when used inline in
some HTML-context.
Resolves: #70