LGTM2 to catch up here (Apparently we have 2 intent emails for this..)
On Thu, Oct 21, 2021 at 3:50 AM TAMURA, Kent <[email protected]> wrote: > LGTM1. It's a small straight-forward change. > > > > On Thu, Oct 21, 2021 at 12:44 AM <[email protected]> wrote: > >> Contact emails >> [email protected], [email protected] >> >> Explainer: >> The securitypolicyviolation event is already implemented in all >> browsers, one can find document on >> MDN( >> https://developer.mozilla.org/en-US/docs/Web/API/GlobalEventHandlers/onsecuritypolicyviolation >> , >> >> https://developer.mozilla.org/en-US/docs/Web/API/Element/securitypolicyviolation_event >> ). >> The securitypolicyviolation event is dispatched when there is a Content >> Security Policy violation. Typically, the JS code of the web component >> will listen to securitypolicyviolation events and react with necessary >> updates. >> >> One could just use addEventListener, but for convenience and consistency >> with other events (e.g. slotchange) it makes sense to add a IDL >> onsecuritypolicyviolation attribute which also reflect the attribute on >> elements. We recently shipped slotchange idl attriubte as well >> ( >> https://groups.google.com/a/chromium.org/g/blink-dev/c/cagoIboJ6Oo/m/yje1mcIUBAAJ >> ) >> >> Developers are habitual to use EventTarget.onload = ... and <element >> onload="..."> , but if this does not work for all events, it will be >> surprising. >> >> Currently, the way to listen an event is: >> target.addEventListener("securitypolicyviolation", mylistener); >> >> After this addition an alternative attribute-based form will be >> availlable for the developers >> element >> <target onsecuritypolicyviolation="myListener()"> >> >> Doc Link(s): >> - https://html.spec.whatwg.org/#handler-onsecuritypolicyviolation >> - https://github.com/whatwg/html/pull/2651 >> - https://chromium-review.googlesource.com/c/chromium/src/+/3226366 >> >> Specification >> https://html.spec.whatwg.org >> >> Summary >> The securitypolicyviolation event is fired when a Content Security >> Policy is violated.One can listen to that event via the >> EventTarget.addEventListener() API. The goal is now to expose the >> onsecuritypolicyviolation IDL attribute from the GlobalEventHandlers >> interface, so that one can register a listener by attaching this >> attribute to target elements. >> >> Blink component >> Blink>DOM >> >> Motivation >> The securitypolicyviolation event is fired when a Content Security >> Policy is violated. >> One can naturally listen to that event via the >> EventTarget.addEventListener() API. However, web developers are also >> familiar with the alternative attribute-based form (e.g. >> element.addEventListener("securitypolicyviolation >> ", ...) Vs on <element onsecuritypolicyviolation="...">) >> which is sometimes convenient for quick testing. For consistency with >> other events, an attribute onsecuritypolicyviolation is thus added. >> >> TAG review >> TAG review status >> This is just a small change to an existing spec implemented in browsers >> and discussed at WHATWG >> >> Risks >> Interoperability and Compatibility >> >> Gecko: >> Shipped/Shipping (https://bugzilla.mozilla.org/show_bug.cgi?id=1727302) >> >> WebKit: >> Shipped/Shipping (https://bugs.webkit.org/show_bug.cgi?id=229381) >> >> Web developers: >> N/A >> >> Debuggability >> No DevTools changes are required, treated like any other >> event/attribute. >> >> Is this feature fully tested by web-platform-tests? >> Yes >> >> Web Platform Tests: >> w3c/web-platform-tests/dom/idlharness.window.html >> >> w3c/web-platform-tests/html/webappapis/scripting/events/event-handler-all-global-events.html >> >> w3c/web-platform-tests/html/webappapis/scripting/events/event-handler-attributes-body-window-expected.txt >> >> >> w3c/web-platform-tests/mathml/relations/html5-tree/math-global-event-handlers.tentative.html >> >> >> Requires code in //chrome? >> False >> >> Tracking bug >> https://bugs.chromium.org/p/chromium/issues/detail?id=1242893 >> >> Patch: >> https://chromium-review.googlesource.com/c/chromium/src/+/3226366 >> >> Estimated milestones >> - >> >> Link to entry on the Chrome Platform Status >> https://www.chromestatus.com/features/5639484386312192 >> >> -- >> You received this message because you are subscribed to the Google Groups >> "blink-dev" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/35dc5869ac062cb1fd0e8d9bca3f05e3%40igalia.com >> . >> > > > -- > TAMURA Kent > Software Engineer, Google > > > -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAGH7WqFNhQ6QYFP9pyYe3Xtx5LHZdty%3DopoMRWSjy%3DOg-exdtQ%40mail.gmail.com > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAGH7WqFNhQ6QYFP9pyYe3Xtx5LHZdty%3DopoMRWSjy%3DOg-exdtQ%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAL5BFfWfPAMQdB1ncpXmMKcE6CrvpjsjD-fDWooBfYR-_fN1-w%40mail.gmail.com.
