You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In the scheme state, when seeing :, maybe we should check the scheme and set the cannot-be-a-base-URL flag if it's javascript (or data, or mailto, or some other known schemes that are bogus as base URLs).
The text was updated successfully, but these errors were encountered:
I'm not sure if we should require that at this level. I think it's nicer if URLs remain as generic as possible. It would be more reasonable to prohibit them in <base>, although also there I'm not sure we have sufficient reason to.
From whatwg/html#672
In the scheme state, when seeing
:
, maybe we should check the scheme and set the cannot-be-a-base-URL flag if it's javascript (or data, or mailto, or some other known schemes that are bogus as base URLs).The text was updated successfully, but these errors were encountered: