[webkit-dev] Request for Position on Sanitizer API

Daniel Vogelheim vogelheim at chromium.org
Mon Mar 15 07:31:45 PDT 2021


Hello webkit-dev,

I'd like to request a position statement on the proposed Sanitizer API
<https://github.com/WICG/sanitizer-api/>.

The Sanitizer API wants to build an HTML Sanitizer right into the web
platform. The goal is to make it easier to build XSS-free web applications.
The intended contributions of the Sanitizer API are: Making a sanitizer
more easily accessible to web developers; be easy to use and safe by
default; and shift part of the maintenance burden to the platform.

Currently available are an explainer
<https://github.com/WICG/sanitizer-api> and
an early spec draft <https://wicg.github.io/sanitizer-api/>, and early
prototype implementations in Chromium & Firefox
<https://github.com/WICG/sanitizer-api/blob/main/faq.md#can-i-use-the-sanitizer-in-my-app>,
behind flags.

Thank you for your consideration!
Daniel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-dev/attachments/20210315/096f997a/attachment.htm>


More information about the webkit-dev mailing list