Skip to content

Sanitizer API #87

New issue
New issue
Open
Open
Sanitizer API#87
@js-choi

Description

@js-choi
js-choi
opened on May 12, 2025

The web Sanitizer API is still in flux. But maybe it’s worth considering whether it’s within scope of WinterTC early on.

  • Server-side rendering (SSR) is becoming increasingly common.
  • DOMPurify is widely deployed on Node and probably other JavaScript server runtimes.

Of course, the Sanitizer API is strongly coupled to DOM node objects; its current design extends Element and Document.

  • But, while the spec is still in flux, it may be worth investigating whether WinterTC should provide input to the Sanitizer API WICG on any string-to-string transformations. Such a string-to-string sanitization API may still be useful in webpages and would definitely be useful in JavaScript server runtimes (or service workers in browsers).
  • Alternatively, a very limited subset of the DOM could also be standardized by WinterTC, à la jsdom and happy-dom, and the Santizer API for servers would sit on that DOM subset. This would be a much bigger undertaking, but it could pay off.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions