On Tue, Apr 5, 2011 at 09:53, <[email protected]> wrote:
> LGTM
>
> Now, what's the expected behavior for SafeUri?
> - URL_ATTRIBUTE_ENTIRE => OK
> - URL_ATTRIBUTE_START => log a warning ? throw ?
>
I think we should throw. Since we're introducing this freshly, might as
well be strict?
> - others => OK ? log a warning
I think it might be good to log a warning. It would be harmless to put a
SafeUri into another context (it'd just get treated as a string and HTML
escaped), but it's most likely not something the developer intended, so a
warning could be helpful.
> ? (note that the previously mentioned
> URL attributes introduced by HTML5, which include <video poster=> for
> instance, will fall in this category; should there be an
> ATTRIBUTE_ENTIRE to allow <video poster="{0}"></video> but warn/disallow
> <video poster="{0}foo"></video>?)
I think it'd best to add these in the parser and then treat them like img
src. I'll see about getting the parser changed.
cheers,
--xtof
>
>
> http://gwt-code-reviews.appspot.com/1396803/
>
--
http://groups.google.com/group/Google-Web-Toolkit-Contributors
