It's easy to imagine pattern being used to freeze or crash browsers, if
they implement it stupidly. Let's hope not..
autofocus autoplay preload loopstart
loopend end playcount controls pubdate
autofocus autoplay preload loopstart
loopend end playcount controls pubdate
- placeholder min max step
+ placeholder min max step form required
} ),
"/" => 1, # emit proper <hr /> XHTML
href => $safe_url_regexp,
} ),
"/" => 1, # emit proper <hr /> XHTML
href => $safe_url_regexp,
* htmlscrubber: Round out html5 video support with the preload
attribute and the source tag.
* htmlscrubber: Allow the html5 form attributes: placeholder autofocus,
* htmlscrubber: Round out html5 video support with the preload
attribute and the source tag.
* htmlscrubber: Allow the html5 form attributes: placeholder autofocus,
+ min, max, step, required, autocomplete, novalidate, pattern, and form.
-- Joey Hess <joeyh@debian.org> Tue, 27 Apr 2010 12:10:51 -0400
-- Joey Hess <joeyh@debian.org> Tue, 27 Apr 2010 12:10:51 -0400
> can contain urls or other javascript injection mechanisms), and I can add
> them. (Added several now.) Others, like `embed` are *scary*. --[[Joey]]
> can contain urls or other javascript injection mechanisms), and I can add
> them. (Added several now.) Others, like `embed` are *scary*. --[[Joey]]
+> I have not added the new `ping` attribute, because parsing a
+> space-separeated list of urls to avoid javascript injection is annoying,
+> and the attribute seems generally dubious. --[[Joey]]
+
# HTML5 Validation and t/html.t
[validator.nu](http://validator.nu/) is the authorative HTML5 validator,
# HTML5 Validation and t/html.t
[validator.nu](http://validator.nu/) is the authorative HTML5 validator,