Add setHTMLUnsafe and parseHTMLUnsafe methods

source

@@ -10579,6 +10579,8 @@ typedef (<span>HTMLScriptElement</span> or <span>SVGScriptElement</span>) <dfn t
 
 [<span>LegacyOverrideBuiltIns</span>]
 partial interface <dfn id="document" data-lt="">Document</dfn> {
+  static <code>Document</code> <span data-x="dom-parseHTMLUnsafe">parseHTMLUnsafe</span>(DOMString html);
+
   // <span>resource metadata management</span>
   [PutForwards=<span data-x="dom-location-href">href</span>, <span>LegacyUnforgeable</span>] readonly attribute <span>Location</span>? <span data-x="dom-document-location">location</span>;
   attribute USVString <span data-x="dom-document-domain">domain</span>;
@@ -109055,6 +109057,8 @@ document.body.appendChild(frame)</code></pre>
        also live here? -->
   <h3 id="dom-parsing-and-serialization">DOM parsing</h3>
 
+  <h4>The <code>DOMParser</code> interface</h4>
+
   <p>The <code>DOMParser</code> interface allows authors to create new <code>Document</code> objects
   by parsing strings, as either HTML or XML.</p>
 
@@ -109075,17 +109079,19 @@ document.body.appendChild(frame)</code></pre>
 
     <p>Note that <code>script</code> elements are not evaluated during parsing, and the resulting
     document's <span data-x="document's character encoding">encoding</span> will always be
-    <span>UTF-8</span>.</p>
+    <span>UTF-8</span>. The document's <span data-x="concept-document-url">URL</span> will be
+    inherited from <var>parser</var>'s <span>relevant global object</span>.</p>
 
     <p>Values other than the above for <var>type</var> will cause a <code>TypeError</code> exception
     to be thrown.</p>
    </dd>
   </dl>
 
   <p class="note">The design of <code>DOMParser</code>, as a class that needs to be constructed and
-  then have its <code data-x="dom-DOMParser-parseFromString">parseFromString()</code> method called,
-  is an unfortunate historical artifact. If we were designing this functionality today it would be a
-  standalone function.</p>
+  then have its <code data-x="dom-DOMParser-parseFromString">parseFromString()</code> method
+  called, is an unfortunate historical artifact. If we were designing this functionality today it
+  would be a standalone function. For parsing HTML, the modern alternative is <code
+  data-x="dom-parseHTMLUnsafe">Document.parseHTMLUnsafe()</code>.</p>
 
   <pre><code class="idl">[Exposed=Window]
 interface <dfn interface>DOMParser</dfn> {
@@ -109115,7 +109121,7 @@ enum <dfn enum>DOMParserSupportedType</dfn> {
    <li>
     <p>Let <var>document</var> be a new <code>Document</code>, whose <span
     data-x="concept-document-content-type">content type</span> is <var>type</var> and <span
-    data-x="concept-document-URL">url</span> is this's <span>relevant global object</span>'s <span
+    data-x="concept-document-URL">URL</span> is this's <span>relevant global object</span>'s <span
     data-x="concept-document-window">associated <code>Document</code></span>'s <span
     data-x="concept-document-URL">URL</span>.</p>
     <!-- When https://github.com/whatwg/html/issues/4792 gets fixed we need to investigate which of
@@ -109136,23 +109142,8 @@ enum <dfn enum>DOMParserSupportedType</dfn> {
      data-x="dom-DOMParserSupportedType-texthtml"><code>text/html</code>"</dfn></dt>
      <dd>
       <ol>
-       <li><p>Set <var>document</var>'s <span data-x="concept-document-type">type</span> to "<code
-       data-x="">html</code>".</p></li>
-
-       <li><p>Create an <span>HTML parser</span> <var>parser</var>, associated with
-       <var>document</var>.</p></li>
-
-       <li><p>Place <var>string</var> into the <span>input stream</span> for <var>parser</var>. The
-       encoding <span data-x="concept-encoding-confidence">confidence</span> is
-       <i>irrelevant</i>.</p></li>
-
-       <li>
-        <p>Start <var>parser</var> and let it run until it has consumed all the characters just
-        inserted into the input stream.</p>
-
-        <p class="note">This might mutate the document's <span
-        data-x="concept-document-mode">mode</span>.</p>
-       </li>
+       <li><p><span>Parse HTML from a string</span> given <var>document</var> and
+       <var>string</var>.</p></li>
       </ol>
 
       <p class="note">Since <var>document</var> does not have a <span
@@ -109194,6 +109185,135 @@ enum <dfn enum>DOMParserSupportedType</dfn> {
    <li><p>Return <var>document</var>.</p>
   </ol>
 
+  <p>To <dfn>parse HTML from a string</dfn>, given a <var>document</var> <code>Document</code> and a
+  <span>string</span> <var>html</var>:</p>
+
+  <ol>
+   <li><p>Set <var>document</var>'s <span data-x="concept-document-type">type</span> to "<code
+   data-x="">html</code>".</p></li>
+
+   <li><p>Create an <span>HTML parser</span> <var>parser</var>, associated with
+   <var>document</var>.</p></li>
+
+   <li><p>Place <var>html</var> into the <span>input stream</span> for <var>parser</var>. The
+   encoding <span data-x="concept-encoding-confidence">confidence</span> is
+   <i>irrelevant</i>.</p></li>
+
+   <li>
+    <p>Start <var>parser</var> and let it run until it has consumed all the characters just
+    inserted into the input stream.</p>
+
+    <p class="note">This might mutate the document's <span
+    data-x="concept-document-mode">mode</span>.</p>
+   </li>
+  </ol>
+
+  </div>
+
+  <h4>Unsafe HTML parsing methods</h4>
+
+  <dl class="domintro">
+   <dt><code data-x=""><var>element</var>.<span subdfn
+   data-x="dom-Element-setHTMLUnsafe">setHTMLUnsafe</span>(<var>html</var>)</code></dt>
+
+   <dd>
+    <p>Parses <var>html</var> using the HTML parser, and replaces the children of <var>element</var>
+    with the result. <var>element</var> provides context for the HTML parser.</p>
+   </dd>
+
+   <dt><code data-x=""><var>shadowRoot</var>.<span subdfn
+   data-x="dom-ShadowRoot-setHTMLUnsafe">setHTMLUnsafe</span>(<var>html</var>)</code></dt>
+
+   <dd>
+    <p>Parses <var>html</var> using the HTML parser, and replaces the children of
+    <var>shadowRoot</var> with the result. <var>shadowRoot</var>'s <span
+    data-x="concept-DocumentFragment-host">host</span> provides context for the HTML parser.</p>
+   </dd>
+
+   <dt><code data-x=""><var>doc</var> = Document.<span
+   data-x="dom-parseHTMLUnsafe">parseHTMLUnsafe</span>(<var>html</var>)</code></dt>
+
+   <dd>
+    <p>Parses <var>html</var> using the HTML parser, and returns the resulting
+    <code>Document</code>.</p>
+
+    <p>Note that <code>script</code> elements are not evaluated during parsing, and the resulting
+    document's <span data-x="document's character encoding">encoding</span> will always be
+    <span>UTF-8</span>. The document's <span data-x="concept-document-url">URL</span> will be
+    <code>about:blank</code>.</p>
+   </dd>
+  </dl>
+
+  <p class="warning">These methods perform no sanitization to remove potentially-dangerous elements
+  and attributes like <code>script</code> or <span>event handler content attributes</span>.</p>
+
+  <pre><code class="idl">partial interface <span id="Element-partial">Element</span> {
+  undefined <span data-x="dom-Element-setHTMLUnsafe">setHTMLUnsafe</span>(DOMString html);
+};
+
+partial interface <span id="ShadowRoot-partial">ShadowRoot</span> {
+  undefined <span data-x="dom-ShadowRoot-setHTMLUnsafe">setHTMLUnsafe</span>(DOMString html);
+};</code></pre>
+
+  <div w-nodev>
+
+  <p><code>Element</code>'s <dfn method for="Element"><code
+  data-x="dom-Element-setHTMLUnsafe">setHTMLUnsafe(<var>html</var>)</code></dfn> method steps
+  are:</p>
+
+  <ol>
+   <li><p>Let <var>target</var> be <span>this</span>'s <span>template contents</span> if
+   <span>this</span> is a <code>template</code> element; otherwise <span>this</span>.</p></li>
+
+   <li><p><span>Unsafely set HTML</span> given <var>target</var>, <span>this</span>, and
+   <var>html</var>.</p></li>
+  </ol>
+
+  <p><code>ShadowRoot</code>'s <dfn method for="ShadowRoot"><code
+  data-x="dom-ShadowRoot-setHTMLUnsafe">setHTMLUnsafe(<var>html</var>)</code></dfn> method steps
+  are to <span>unsafely set HTML</span> given <span>this</span>, <span>this</span>'s <span
+  data-x="concept-DocumentFragment-host">shadow host</span>, and <var>html</var>.</p>
+
+  <p>To <dfn>unsafely set HTML</dfn>, given an <code>Element</code> or <code>DocumentFragment</code>
+  <var>target</var>, an <code>Element</code> <var>contextElement</var>, and a <span>string</span>
+  <var>html</var>:</p>
+
+  <ol>
+   <li><p>Let <var>newChildren</var> be the result of the <span>HTML fragment parsing algorithm</span>
+   given <var>contextElement</var> and <var>html</var>.</p></li>
+
+   <li><p>Let <var>fragment</var> be a new <code>DocumentFragment</code> whose <span>node
+   document</span> is <var>contextElement</var>'s <span>node document</span>.</p></li>
+
+   <li><p>For each <var>node</var> in <var>newChildren</var>, <span
+   data-x="concept-node-append">append</span> <var>node</var> to <var>fragment</var>.</p></li>
+
+   <li><p><span data-x="concept-node-replace-all">Replace all</span> with <var>fragment</var> within
+   <var>target</var>.</p></li>
+  </ol>
+
+  <hr>
+
+  <p>The static <dfn method for="Document"><code
+  data-x="dom-parseHTMLUnsafe">parseHTMLUnsafe(<var>html</var>)</code></dfn> method steps are:</p>
+
+  <ol>
+   <li>
+    <p>Let <var>document</var> be a new <code>Document</code>, whose <span
+    data-x="concept-document-content-type">content type</span> is "<code
+    data-x="">text/html</code>".</p>
+
+    <p class="note">Since <var>document</var> does not have a <span
+    data-x="concept-document-bc">browsing context</span>, <span data-x="concept-n-script">scripting
+    is disabled</span>.</p>
+   </li>
+
+   <li><p><span>Parse HTML from a string</span> given <var>document</var> and
+   <var>html</var>.</p></li>
+
+   <li><p>Return <var>document</var>.</p></li>
+  </ol>
+
   </div>