New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Mention that clients should not be producing invalid HTML #1605

Merged
merged 4 commits into from Aug 31, 2018

Conversation

3 participants
@turt2live
Member

turt2live commented Aug 29, 2018

Rendered: see 'docs' status check


Fixes #1595

@turt2live turt2live requested a review from matrix-org/spec-core-team Aug 29, 2018

@turt2live turt2live added this to In review (just the PRs) in August 2018 r0 via automation Aug 29, 2018

@turt2live

This comment has been minimized.

Member

turt2live commented Aug 29, 2018

@KitsuneRal I'd appreciate your specific review on this one.

In addition to not rendering unsafe HTML, clients should not emit unsafe HTML in events.
Likewise, clients should not generate HTML that is not needed, such as extra paragraph tags
surrounding text due to Rich Text Editors. HTML included in events should otherwise be valid,
such as having appropriate closing tags, valid attributes, and generally valid structure.

This comment has been minimized.

@KitsuneRal

KitsuneRal Aug 29, 2018

Contributor

Regarding HTML validity - that's not quite accurate. AIUI, clients should specifically use data-mx-bg-color and data-mx-color attributes instead of color/background-color attributes/CSS properties.

What I had in mind is to minimalistically add " and emit" to line 65, "to/from" to line 77 and slightly reword line 101 because that paragraph only pertains to rendering. But if we want to make a separate paragraph then the above translation of Matrix custom HTML attributes should be mentioned.

This comment has been minimized.

@turt2live

turt2live Aug 29, 2018

Member

I think a separate paragraph is better, just because I think we also wanted the whole "don't produce garbage" thing for RTEs. Will add a mention about the custom attributes.

This comment has been minimized.

@uhoreg

uhoreg Aug 30, 2018

Member

We also need make sure that we allow for things such as the <mx-reply> element that's used in rich replies.

This comment has been minimized.

@turt2live

turt2live Aug 30, 2018

Member

I have a branch for rich replies that makes reference to this as a special case.

@turt2live turt2live requested a review from matrix-org/spec-core-team Aug 30, 2018

@turt2live turt2live requested review from KitsuneRal and matrix-org/spec-core-team and removed request for matrix-org/spec-core-team Aug 30, 2018

August 2018 r0 automation moved this from In review (just the PRs) to Reviewer approved Aug 31, 2018

@turt2live turt2live merged commit 136ba15 into matrix-org:master Aug 31, 2018

7 checks passed

ci/circleci: build-dev-scripts Your tests passed on CircleCI!
Details
ci/circleci: build-docs Your tests passed on CircleCI!
Details
ci/circleci: build-swagger Your tests passed on CircleCI!
Details
ci/circleci: check-docs Your tests passed on CircleCI!
Details
ci/circleci: validate-docs Your tests passed on CircleCI!
Details
docs Click details to preview the HTML documentation.
Details
swagger Click to preview the swagger build.
Details

August 2018 r0 automation moved this from Reviewer approved to Done (this list will be incomplete) Aug 31, 2018

@turt2live turt2live deleted the turt2live:travis/c2s/clarify-html-again branch Aug 31, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment