Intent to Prototype: Implement MathML <a> element
99 views
Skip to first unread message
tannal
Jun 17, 2026, 1:50:45 AM (11 days ago) Jun 17
to blink-dev
Contact emails
mt...@igalia.com
Explainer
https://people.igalia.com/fwang/mathml-a-href
Specification
https://w3c.github.io/mathml-core/#the-a-element
Design docs
None
Summary
Introduces the <a> element within the MathML namespace exposed via the new MathMLAnchorElement WebIDL interface which inherits from MathMLElement. This feature aligns MathML hyperlink capabilities with HTMLAnchorElement and SVGAElement to ensure consistent link handling across HTML, SVG, and MathML.
Blink component
Blink>MathML
Web Feature ID
Missing feature
Motivation
Linking is an important web feature and support is highly desired for MathML (e.g. to be able to create links on different parts of a mathematical expression). In the past, href was supported on all MathML elements to allow that (in MathML2 in the XLink namespace, and in MathML3 the default namespace) but some concerns were raised this was a bit too intrusive, because we have to do privacy mitigation ( https://github.com/w3c/mathml-core/issues/142 ), handle it specially in the the sanitizer API. We need a new <a> element for MathML to enable hyperlinks in mathematical expression
Initial public proposal
https://github.com/w3c/mathml-core/pull/307
Goals for experimentation
None
Requires code in //chrome?
False
Tracking bug
https://issues.chromium.org/u/1/issues/510487697
Estimated milestones
No milestones specified
Anticipated spec changes
Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).
https://github.com/w3c/mathml-core/issues/142 https://github.com/w3c/mathml-core/pull/307
Link to entry on the Chrome Platform Status
https://chromestatus.com/feature/6543819626643456?gate=6269974827106304
This intent message was generated by Chrome Platform Status.
mt...@igalia.com
Explainer
https://people.igalia.com/fwang/mathml-a-href
Specification
https://w3c.github.io/mathml-core/#the-a-element
Design docs
None
Summary
Introduces the <a> element within the MathML namespace exposed via the new MathMLAnchorElement WebIDL interface which inherits from MathMLElement. This feature aligns MathML hyperlink capabilities with HTMLAnchorElement and SVGAElement to ensure consistent link handling across HTML, SVG, and MathML.
Blink component
Blink>MathML
Web Feature ID
Missing feature
Motivation
Linking is an important web feature and support is highly desired for MathML (e.g. to be able to create links on different parts of a mathematical expression). In the past, href was supported on all MathML elements to allow that (in MathML2 in the XLink namespace, and in MathML3 the default namespace) but some concerns were raised this was a bit too intrusive, because we have to do privacy mitigation ( https://github.com/w3c/mathml-core/issues/142 ), handle it specially in the the sanitizer API. We need a new <a> element for MathML to enable hyperlinks in mathematical expression
Initial public proposal
https://github.com/w3c/mathml-core/pull/307
Goals for experimentation
None
Requires code in //chrome?
False
Tracking bug
https://issues.chromium.org/u/1/issues/510487697
Estimated milestones
No milestones specified
Anticipated spec changes
Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).
https://github.com/w3c/mathml-core/issues/142 https://github.com/w3c/mathml-core/pull/307
Link to entry on the Chrome Platform Status
https://chromestatus.com/feature/6543819626643456?gate=6269974827106304
This intent message was generated by Chrome Platform Status.
Daniel Vogelheim
Jun 23, 2026, 1:29:09 PM (4 days ago) Jun 23
to tannal, blink-dev
Hi,
Will this support navigating to javascript:-URLs?
Navigating to javascript:-URLs is an existing mis-feature in the platform, which will execute the given script in the context of the current document and is a popular XSS gadget. Your intent mentions "consistent link handling across HTML, SVG, and MathML", which would suggest to me that javascript:-URLs are supported. But then, I can't find any definite statement for or against in the intent.
From a security perspective it'd be better to drop javascript:-URLs; however, this would admittedly come at the expense of consistency.
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/398b6ab3-d82d-4600-ab3d-cdc98761c39en%40chromium.org.
Frédéric Wang Nélar
Jun 24, 2026, 5:19:24 AM (4 days ago) Jun 24
to blin...@chromium.org
Thanks, that's a good question I think currently the WG wants to be consistent and follow SVG/HTML. Meng Tan opened an issue in the spec repo for discussion: https://github.com/w3c/mathml-core/issues/333
If they decide to support javascript: URL: we should make sure the same mitigation as for HTML/SVG exists and are covered by tests (e.g. handling by the sanitizer API or trusted types spec).
Daniel Vogelheim
Jun 24, 2026, 1:06:41 PM (3 days ago) Jun 24
to Frédéric Wang Nélar, blin...@chromium.org
Thanks, that's a good question I think currently the WG wants to be consistent and follow SVG/HTML. Meng Tan opened an issue in the spec repo for discussion: https://github.com/w3c/mathml-core/issues/333
Thanks!
If they decide to support javascript: URL: we should make sure the same mitigation as for HTML/SVG exists and are covered by tests (e.g. handling by the sanitizer API or trusted types spec).
Yes. I also think it needs to be communicated clearly: This is new markup that executes unconstrained Javascript in an arguably surprising way, and is an instant bypass for any 3rd-party sanitizer or linter (if they support MathML at all). External sanitizer libraries are still much more common than either TT or the built-in HTML Sanitizer. We should at least give people a proper heads-up if we go this route.
To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/b5d9ad91-8342-4858-a9c4-87c9bea21cae%40igalia.com.
Reply all
Reply to author
Forward
0 new messages