Meeting minutes
<whsieh> is the link https://
no...
https://
Anyone want to scribe today?
<johanneswilm> Travis introduces himself. He is to replace Grisha for the time being.
agenda
Any other agenda items from folks here in IRC?
<johanneswilm> Bo: will get a PR ready for what part sof Input Events level 2 have to be marked optional
<johanneswilm> Wenson: we are on board with svg as safe clipboard mimetype
<johanneswilm> ... but we might want some sanitization that we can discuss here
<johanneswilm> Bo: virtual keyboard API - we have worked on it a while. have internal and external users. Is the group willing to move it to be a WD?
Note: not hearing opposition here on the call.
Action: BoCupp to send mail asking the same.
a?
https://
Will be looking over these from top to bottom.
First issue: https://
Anyone have a preferred day/time to meet at [virtual] TPAC?
Dates are 25 - 29 Oct.
Suggest that we keep same relative time and day?
Any other day we might also like to meet (for schedule flexibility)?
johanneswilm: think asking for 2-3 hours might be good?
https://
johanneswilm: first we need an update from Bo/Grisha...
… they worked on a very long PR. Can we get this merged?
… there was a question in the issue asking about moving into the HTML spec.
… then Doemenic had a discussion about using the terminology of execCommand.
… I personally don't think we need to do it.
… if HTML thinks it's central and should use that naming scheme..
… would be good to have common understanding of execCommand.
<johanneswilm> Bo: it stalled because noone is going to jump on delivering this
BoCupp: to complete the PR... I think it stalled because may not be likely that anyone is going to be working on this?
<johanneswilm> it became deprioritized
<johanneswilm> I would rather wok on those things we want to ship
<johanneswilm> like virtualkeyboard api
<johanneswilm> wenson: we will nor prioritize
johanneswilm: this started as a request on the JS side... editors unhappy showing actions that won't be taken.
… whenever someone wants to know the current state, folks have to read through the spec + PR. Can we merge as an intermediate step.
… would it be easier to merge and then still not worry about putting further time into it.
I think that's a sensible request.
johanneswilm: there may be a few issues...
BoCupp: looks like there's a reduction in scope... dom token list was dropped.
johanneswilm: it was asked to include, but not done. But.. not a problem. We can file an issue to do it.
Action: johanneswilm to file issues that remain from this PR, and then merge the commit as is.
https://
johanneswilm: question to whsieh? CAn we move undo manager api?
whsieh: Will talk to tess.
is it in scope of our charter?
johanneswilm: I think so, but whereever it ends up, we probably shouldn't link to a person account.
wondering if webkit/explainers would work?
BoCupp: is undo manager a concept you'd like to invest to move forward?
whsieh: momentum has stopped, but we still see value in it.
… good use cases :) I'd say "far on the horizon"
johanneswilm: there are buttons for undo/redo, and authors want to disable them. authors are trying to figure out how to integrate their own undo/redo.
… so how do we do this? Add events? Have an Undo Manager? What's the larger direction?
whsieh: I don't think having undo events is mutually exclusive to undo manager.
Action: whsieh to move undomanager to webkit/explainers, then update the issue so we can get a better link.
https://
johanneswilm: people are still interested in fixing/changing execcommand.
… there's a new command "useCSS"
… implemented in Safari 10 years ago.
… not present in all the browsers.
… so technically shouldn't be deprecated.
… spec should say "we recommend "styleCSS" but "useCSS" shouldn't be marked as deprecated.
any objections to undeprecating?
<johanneswilm> bo: don't feel know enough to comment
BoCupp: don't know enough to comment--but seems reasonable if everyone has implemented it.
johanneswilm: there is a full-replacement for it "styleCSS".
not hearing objections to this undeprecation
Action: Ask @saschanaz to files bugs on implementations that may be firing deprecation warnings, and merge the PR.
https://
https://
johanneswilm: We need to figure out if we can merge these specs.
johanneswilm: we could just auto-publish both and then think about merging later?
johanneswilm: we can defer this for another month.
https://
johanneswilm: We decided that we don't need a new input type, but we should agree on which type to use.
… then we got a question back: should there be a paste event?
Does anyone implement this with a paste event?
johanneswilm: new spec, implementers may do this if we spec it.
whsieh: similar to emojis.
… we treat it like a paste, and our implementation does fire 'paste'
… it's for compatibility.
johanneswilm: any argument against having a paste event?
BoCupp: is there a spec change here?
… where would this be documented?
… or is this just advice from the WG on how to maximize compatibility?
johanneswilm: we could be a non-normative note on how to handle paste.
… in the note we could explain to fire it... you'd write the event order.
… e.g., when does input event fire in relation to the paste event?
The firing of 'paste' is written somewhere, right?
BoCupp: I think it would be a good addition.
… also fine with a note.
Action: include a note in the spec (non-normative) about firing paste event as well in this scenario.
https://
johanneswilm: let's just remove the agenda label.
BoCupp: anupam is working on pickling API.
… questions on security aspects, sanitization.
… our plan is to make updates to clipboard-api spec (before shipping anything)
… we're working on it.
… :)
johanneswilm: can we update the editor (it's grisha)
BoCupp: who are we asking? I nominate Anupam!
Action: we'll take the nomination for Anupam back and try to make the switch.
whsieh: was a blog post recently about adding image/SVG+XML... to the web-safe list.
… one of the challenges is dealing with sanitization.
… SVG may use XML parser (vs. HTML parser)
… sanitization may involve more than adding this to the list of types.
… if we're not careful could lead to XSS..?
johanneswilm: does the sanitization need to be sanitized?
<johanneswilm> * standardized
whsieh: in blog post (link) there was a note about not wanting to standardize the sanitization algo.
<whsieh> link: https://
BoCupp: what is the outcome of "adding to web-safe list" does it join a list of things UAs must support?
… we had feedback from Moz in anotehr issue. Putting a mime-type on a list isn't sufficient...
… need to know the format when "html is on the clipboard"
… there are some interop issues.
… Moz feedback was to add that level of detail (to get interop)
… there are variations by platform, yet we'd like a platform neutral.
… I'm very supportive of providing the details.
… a little concerned about adding another one with no good docs.
whsieh: good poitn.
BoCupp: proposal: maybe have whsieh become a co-editor of clipboard-api to help iron out some of the details?
… (also helps improve clipboard-api spec).
RRSAgent: please make the minutes