Should the “DOM clobbering” note mention the id attribute as well? · whatwg/html#6076

(5 评论) (0 反应) (0 负责人)HTML (7,654 star) (2,520 fork)batch import

clarificationgood first issue

描述

Two years ago, the HTML Standard added a note about the issue of accidentally overriding built-in DOM properties with the name attribute on inputs.

Commit: https://github.com/whatwg/html/commit/d661e874760bb1a4fc0634e6f01e5c02b8c8c1fe Spec section: https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#attributes-common-to-form-controls

I have recently noticed that this issue exists with the id attribute as well. The following example is the same example as in the spec, except that I replaced input.name with input.id:

let form = document.createElement("form");
let input = document.createElement("input");
form.appendChild(input);

console.log(form.method);           // => "get"
input.id = "method"; // DOM clobbering occurs here
console.log(form.method === input); // => true

Demo: https://jsbin.com/zehajuh/edit?js,console

This issue happens in all three major browser engines (Chrome, Safari, Firefox).

Should the spec note be updated to say “Avoid using the names of built-in form properties with the name and id content attributes”?

贡献者指南

技术栈: 无
领域: documentation
议题类型: documentation
难度: 2
预计时间: under 1 hour
活动状态: stale
清晰度: clear
前置要求: DOM clobberingHTML spec editing
新手友好度: 75
研究方向: Review the existing spec note at the linked section (https://html.spec.whatwg.org/multipage/form control infrastructure.html#attributes common to form controls) and the commit that added the initial note (https://github.com/whatwg/html/commit/d661e874760bb1a4fc0634e6f01e5c02b8c8c1fe). Verify that the id attribute causes the same clobbering across browsers using the provided demo. Then propose updated wording that includes the id attribute alongside the name attribute.