12:42 | <bilal adnan> | I have a question regarding <main> and <article> |
12:46 | <bilal adnan> | Let's say I have a blog article page. Should the main content be labeled with <main> or <article> ? I personally feel <main> is a better choice but I am confused in one thing.
Why would anyone want to use <article> for the main content of the article. I guess the HTML standard showcases such an example and that confuses me.
|
14:53 | <annevk> | sideshowbarker: sorry, I didn't realize lang-related changes around slot were also being reverted |
20:05 | <sideshowbarker> | sideshowbarker: sorry, I didn't realize lang-related changes around slot were also being reverted No worries — it gave me a chance to go in and read through the spec PRs and related issue comments, and to figure out what it looked like in some actual code. So it was some good learning for me, and I reckon what I learned from it is very likely to be useful for me with some other patch later |
22:34 | <sideshowbarker> | So I’m looking at the test at https://github.com/WebKit/WebKit/blob/main/LayoutTests/http/tests/security/xss-DENIED-script-inject-into-inactive-window2.html#L42 and trying to figure out some way to detect that the “victim” content has loaded — other than by checking location.href
What that tests does is this:
- Creates an
a link
- Sets the link’s
target to _blank
- Sets the link’s
rel value to opener
- Sets the link’s
href to ?actually-attack
- Clicks the link (with
link.click() )
The, after the navigation to ?actually-attack happens:
- Creates another
a link
- Sets the link’s
target to _self
- Sets the link’s
href to http://localhost:8000/security/resources/innocent-victim.html
- Clicks the link (with
link.click() )
So I want to figure out a way to detect when the http://localhost:8000/security/resources/innocent-victim.html content has loaded.
|