This is part of the TrustedTypes effort (see #103699) and a list of innerHTML usages which we avoid. To compile a list of violations
- run
yarn web --trusted-types
- open http://localhost:8080/ in Edge or Chrome
- open console and check for "[Report Only] This document requires 'TrustedHTML' assignment."-messages
Also, there is .vscode/searches/TrustedTypes.code-search which finds all occurences of innerHTML. There are common sources of violation and therefore common fixes
- styling via
style.innerHTML ➡️ use textContent instead (example c112f84)
- clear a node via
node.innerHTML = '' ➡️ use dom.ts#clearNode or node.innerText = ''
- building dom nodes ➡️ use
dom.$ or document.createElement and friends
This is part of the TrustedTypes effort (see #103699) and a list of
innerHTMLusages which we avoid. To compile a list of violationsyarn web --trusted-typesAlso, there is
.vscode/searches/TrustedTypes.code-searchwhich finds all occurences ofinnerHTML. There are common sources of violation and therefore common fixesstyle.innerHTML➡️ usetextContentinstead (example c112f84)node.innerHTML = ''➡️ usedom.ts#clearNodeornode.innerText = ''dom.$ordocument.createElementand friendsviewLayer.js:394@alexdima <-- will not happen, this is part of fine-tuned editor rendering, building dom nodes is not an option