LGTM1. It's a small straight-forward change.
On Thu, Oct 21, 2021 at 12:44 AM <[email protected]> wrote: > Contact emails > [email protected], [email protected] > > Explainer: > The securitypolicyviolation event is already implemented in all > browsers, one can find document on > MDN( > https://developer.mozilla.org/en-US/docs/Web/API/GlobalEventHandlers/onsecuritypolicyviolation > , > > https://developer.mozilla.org/en-US/docs/Web/API/Element/securitypolicyviolation_event > ). > The securitypolicyviolation event is dispatched when there is a Content > Security Policy violation. Typically, the JS code of the web component > will listen to securitypolicyviolation events and react with necessary > updates. > > One could just use addEventListener, but for convenience and consistency > with other events (e.g. slotchange) it makes sense to add a IDL > onsecuritypolicyviolation attribute which also reflect the attribute on > elements. We recently shipped slotchange idl attriubte as well > ( > https://groups.google.com/a/chromium.org/g/blink-dev/c/cagoIboJ6Oo/m/yje1mcIUBAAJ > ) > > Developers are habitual to use EventTarget.onload = ... and <element > onload="..."> , but if this does not work for all events, it will be > surprising. > > Currently, the way to listen an event is: > target.addEventListener("securitypolicyviolation", mylistener); > > After this addition an alternative attribute-based form will be > availlable for the developers > element > <target onsecuritypolicyviolation="myListener()"> > > Doc Link(s): > - https://html.spec.whatwg.org/#handler-onsecuritypolicyviolation > - https://github.com/whatwg/html/pull/2651 > - https://chromium-review.googlesource.com/c/chromium/src/+/3226366 > > Specification > https://html.spec.whatwg.org > > Summary > The securitypolicyviolation event is fired when a Content Security > Policy is violated.One can listen to that event via the > EventTarget.addEventListener() API. The goal is now to expose the > onsecuritypolicyviolation IDL attribute from the GlobalEventHandlers > interface, so that one can register a listener by attaching this > attribute to target elements. > > Blink component > Blink>DOM > > Motivation > The securitypolicyviolation event is fired when a Content Security > Policy is violated. > One can naturally listen to that event via the > EventTarget.addEventListener() API. However, web developers are also > familiar with the alternative attribute-based form (e.g. > element.addEventListener("securitypolicyviolation > ", ...) Vs on <element onsecuritypolicyviolation="...">) > which is sometimes convenient for quick testing. For consistency with > other events, an attribute onsecuritypolicyviolation is thus added. > > TAG review > TAG review status > This is just a small change to an existing spec implemented in browsers > and discussed at WHATWG > > Risks > Interoperability and Compatibility > > Gecko: > Shipped/Shipping (https://bugzilla.mozilla.org/show_bug.cgi?id=1727302) > > WebKit: > Shipped/Shipping (https://bugs.webkit.org/show_bug.cgi?id=229381) > > Web developers: > N/A > > Debuggability > No DevTools changes are required, treated like any other > event/attribute. > > Is this feature fully tested by web-platform-tests? > Yes > > Web Platform Tests: > w3c/web-platform-tests/dom/idlharness.window.html > > w3c/web-platform-tests/html/webappapis/scripting/events/event-handler-all-global-events.html > > w3c/web-platform-tests/html/webappapis/scripting/events/event-handler-attributes-body-window-expected.txt > > > w3c/web-platform-tests/mathml/relations/html5-tree/math-global-event-handlers.tentative.html > > > Requires code in //chrome? > False > > Tracking bug > https://bugs.chromium.org/p/chromium/issues/detail?id=1242893 > > Patch: > https://chromium-review.googlesource.com/c/chromium/src/+/3226366 > > Estimated milestones > - > > Link to entry on the Chrome Platform Status > https://www.chromestatus.com/features/5639484386312192 > > -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/35dc5869ac062cb1fd0e8d9bca3f05e3%40igalia.com > . > -- TAMURA Kent Software Engineer, Google -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAGH7WqFNhQ6QYFP9pyYe3Xtx5LHZdty%3DopoMRWSjy%3DOg-exdtQ%40mail.gmail.com.
