Intent to Prototype: Run scripts when setting HTML

[Chromestatus]

Contact emails

nrose...@chromium.org, foo...@chromium.org

Explainer

https://github.com/whatwg/html/issues/11669

Specification

No information provided

Summary

Optionally run scripts when setting HTML: element.setHTMLUnsafe(html, {runScripts: true}) This behavior is already exposed via createContextualFragment, however that API is not very ergonomic, has undocumented side effects, and doesn't integrate with new features like the HTML sanitizer. Later this option will be also availabe for streamHTMLUnsafe, and in methods like streamAppendHTMLUnsafe. The "safe" variants don't include this option, as it's unsafe by definition.

Blink component

Blink>HTML>Parser

Web Feature ID

dom

Motivation

Organize the different HTML setting methods in an ergonomic and consistent way, so that all of them have access to the same options (script execution, sanitizing, streaming, partial/full replacement). Though most options are already available by means of using obscure APIs like createContextualFragment, having all of these consolidated explains the platform better and helps authors avoid mistakes and understand the implications of each method.

Initial public proposal

https://github.com/whatwg/html/issues/11669

Requires code in //chrome?

False

Tracking bug

https://issues.chromium.org/issues/469706054

Estimated milestones

No milestones specified

Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/5157829096898560?gate=5139780100816896

This intent message was generated by Chrome Platform Status.