Ready for Trial: Sanitizer API

[Daniel Vogelheim]

Contact emails

voge...@chromium.org, mk...@chromium.org, l...@chromium.org

Explainer

https://github.com/WICG/sanitizer-api

Specification

https://wicg.github.io/sanitizer-api/

API spec

Yes

Summary

The Sanitizer API wants to build an HTML Sanitizer right into the web platform. The goal is to make it easier to build XSS-free web applications. The intended contributions of the Sanitizer API are: Making a sanitizer more easily accessible to web developers; be easy to use and safe by default; and shift part of the maintenance burden to the platform

Blink component

Blink>SecurityFeature

TAG review status

Pending - In preparation. The WICGroup would like to get one important spec item resolved before sending this off to TAG.

Risks

Interoperability and Compatibility

Gecko: In development (https://groups.google.com/g/mozilla.dev.platform/c/C4EHeQlaMbU/m/C8hNg9ehBwAJ)

Standards Position: https://github.com/mozilla/standards-positions/issues/106

WebKit: No signal (https://lists.webkit.org/pipermail/webkit-dev/2021-March/031731.html)

A position statement has been requested. By my reading, the answer received is skeptical but avoids taking a definite stance one way or another. Please follow the link for details.

Web developers: No signals

Security

The goal of this feature is to make security more accessible. We generally consider this feature low risk, since it's an additive feature that does extend or interact with existing platform security mechanisms. The specification lists several security risks that are being considered during development of the feature: https://wicg.github.io/sanitizer-api/#security-considerations

Goals for experimentation

Mainly, API usability.

There are several open API questions the WICGroup is considering. We hope that a dev trial will give us feedback on whether the API is useful in its current form, and how to proceed with the outstanding questions.

Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?

Yes

Is this feature fully tested by web-platform-tests?

Yes - Test coverage will be improved as we go along. On the plus side, both TT + Chromium implementations pass the current tests. :)

Tracking bug

https://crbug.com/1101982

Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/5786893650231296

This intent message was generated by Chrome Platform Status. (Plus edits.)

[Thomas Steiner]

On Mon, Mar 22, 2021 at 12:11 PM 'Daniel Vogelheim' via blink-dev <blin...@chromium.org> wrote:

Contact emails

voge...@chromium.org, mk...@chromium.org, l...@chromium.org

Explainer

https://github.com/WICG/sanitizer-api

Specification

https://wicg.github.io/sanitizer-api/

API spec

Yes

Summary

The Sanitizer API wants to build an HTML Sanitizer right into the web platform. The goal is to make it easier to build XSS-free web applications. The intended contributions of the Sanitizer API are: Making a sanitizer more easily accessible to web developers; be easy to use and safe by default; and shift part of the maintenance burden to the platform

Blink component

Blink>SecurityFeature

TAG review status

Pending - In preparation. The WICGroup would like to get one important spec item resolved before sending this off to TAG.

Risks

Interoperability and Compatibility

Gecko: In development (https://groups.google.com/g/mozilla.dev.platform/c/C4EHeQlaMbU/m/C8hNg9ehBwAJ)

Standards Position: https://github.com/mozilla/standards-positions/issues/106

WebKit: No signal (https://lists.webkit.org/pipermail/webkit-dev/2021-March/031731.html)

A position statement has been requested. By my reading, the answer received is skeptical but avoids taking a definite stance one way or another. Please follow the link for details.

Web developers: No signals

I think based on https://goo.gle/developer-signals, it is fair to say Web developers feedback is positive based on the reaction to this tweet: https://twitter.com/tomayac/status/1304384984191569920.