RESOLVED INVALID232614
jsaction attribute not removed when enable-javascript-markup is disabled 
https://bugs.webkit.org/show_bug.cgi?id=232614
Summary jsaction attribute not removed when enable-javascript-markup is disabled
Milan Crha
Reported 2021-11-02 02:35:46 PDT
Using webkit2gtk3-2.34.0. According to the documentation of the WebKitSettings::enable-javascript-markup: > Determines whether or not JavaScript markup is allowed in document. > When this setting is disabled, all JavaScript-related elements and > attributes are removed from the document during parsing. When the document has an element with a `jsaction` attribute and the markup is disabled, then this `jsaction` attribute is preserved. I cannot tell whether it has any effect, but I'd expect it being removed the same as other attributes, like an `onclick` attribute.
Attachments
Add attachment proposed patch, testcase, etc.
Michael Catanzaro
Comment 1 2021-11-02 08:08:36 PDT
Hmmm, I think jsaction must refer to the third-party JS library https://github.com/google/jsaction. It doesn't appear to be a web standard that WebKit implements or knows about as we have zero hits for it anywhere in WebCore or JavaScriptCore, also zero hits on MDN. So I think this is not a bug. The attributes shouldn't do anything unless you run JS that makes them do something. Please reopen if I've misunderstood something.
Milan Crha
Comment 2 2021-11-02 09:45:07 PDT
Right, it looks like some 3rd-party thing (which I saw for the first time today). I probably won't care that much, if the WebKit sources did not reference it at all, but there are some hits in the PerformanceTests/. Anyway, if it's not interpreted by the WebKit, neither a module loaded by it, then it's fine. I'd be happier with a safe side, drop it too, but I'm not reopening this.
Note You need to log in before you can comment on or make changes to this bug.