Mention that clients should not be producing invalid HTML #1605
Conversation
|
@KitsuneRal I'd appreciate your specific review on this one. |
| In addition to not rendering unsafe HTML, clients should not emit unsafe HTML in events. | ||
| Likewise, clients should not generate HTML that is not needed, such as extra paragraph tags | ||
| surrounding text due to Rich Text Editors. HTML included in events should otherwise be valid, | ||
| such as having appropriate closing tags, valid attributes, and generally valid structure. |
There was a problem hiding this comment.
Regarding HTML validity - that's not quite accurate. AIUI, clients should specifically use data-mx-bg-color and data-mx-color attributes instead of color/background-color attributes/CSS properties.
What I had in mind is to minimalistically add " and emit" to line 65, "to/from" to line 77 and slightly reword line 101 because that paragraph only pertains to rendering. But if we want to make a separate paragraph then the above translation of Matrix custom HTML attributes should be mentioned.
There was a problem hiding this comment.
I think a separate paragraph is better, just because I think we also wanted the whole "don't produce garbage" thing for RTEs. Will add a mention about the custom attributes.
There was a problem hiding this comment.
We also need make sure that we allow for things such as the <mx-reply> element that's used in rich replies.
There was a problem hiding this comment.
I have a branch for rich replies that makes reference to this as a special case.
turt2live
requested review from
KitsuneRal and
a team
and removed request for
a team
Rendered: see 'docs' status check
Fixes #1595