Skip to content

Add module as a type of <script>#95

Closed
yykamei wants to merge 1 commit intoShopify:mainfrom
yykamei:add-module
Closed

Add module as a type of <script>#95
yykamei wants to merge 1 commit intoShopify:mainfrom
yykamei:add-module

Conversation

@yykamei
Copy link
Copy Markdown
Contributor

@yykamei yykamei commented Sep 9, 2022

Recently, JavaScript module would be getting used because almost all browsers support it, so module could also be added in VALID_JAVASCRIPT_TAG_TYPES as a type of <script>.

What do you think?

@yykamei
Copy link
Copy Markdown
Contributor Author

yykamei commented Sep 9, 2022

I signed in the CLA.

seanpdoyle
seanpdoyle reviewed Nov 17, 2022
View reviewed changes
Copy link
Copy Markdown

@seanpdoyle seanpdoyle left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it intentional that BetterHtml includes a set of acceptable values that is less strict than those declared by shopify/erb_lint? Is it intentional that they share overlapping responsibilities?

Is there an opportunity to replace one with the other?

If not, should ERBLint::Linters::AllowedScriptType be updated to include "module" as well?

@yykamei
Copy link
Copy Markdown
Contributor Author

yykamei commented Nov 19, 2022

Is it intentional that BetterHtml includes a set of acceptable values that is less strict than those declared by shopify/erb_lint? Is it intentional that they share overlapping responsibilities?

I think it's a good point, but I'm not sure the relationship between erb-lint and better-html.

Actually, I'm using erb-lint with ErbSafety enabled. As you said, I configured AllowedScriptType to allow "module", but still, I encountered a similar issue, and I found out the issue is raised from better-html. So far, erb-lint has no options to configure better-html. That's why I opened this PR.

linters:
  AllowedScriptType:
    enabled: true
    allowed_types:
      - 'application/json'
      - 'module'
  DeprecatedClasses:
    enabled: true
  ErbSafety:
    enabled: true

@rafaelfranca
Copy link
Copy Markdown
Member

rafaelfranca commented Dec 8, 2022

better-html is a HTML parser that can be also used to transform unsafe HTML to safe HTML. We use it as a security measurement. It isn't linter. It just happen to be used the erb-lint as the parser for HTML and ERB.

The configuration of the linter should be independent from the list of allowed types in better-html. Their defaults can be the same though.

@rafaelfranca
Copy link
Copy Markdown
Member

rafaelfranca commented Dec 8, 2022

Can you please rebase the PR so I can start the CI?

@yykamei
Copy link
Copy Markdown
Contributor Author

yykamei commented Dec 9, 2022

Thank you. I rebased it.

@yykamei
Add module as a type of <script>
61d7414 
Recently, JavaScript module would be getting used because almost all
browsers support it, so `module` could also be added in
`VALID_JAVASCRIPT_TAG_TYPES` as a `type` of `<script>`.
@yykamei
Copy link
Copy Markdown
Contributor Author

yykamei commented Feb 28, 2023

I also rebased again.

@rafaelfranca rafaelfranca mentioned this pull request Apr 13, 2023
Closed
rafaelfranca added a commit that referenced this pull request Apr 13, 2023
@rafaelfranca
Merge PR #95
de1fe4d
@rafaelfranca
Copy link
Copy Markdown
Member

rafaelfranca commented Apr 13, 2023

Merged in de1fe4d

@yykamei yykamei deleted the add-module branch April 13, 2023 21:47
@stevepolitodesign stevepolitodesign mentioned this pull request Dec 1, 2023
Merged
2 tasks
@davidstosik davidstosik mentioned this pull request Oct 16, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@seanpdoyle seanpdoyle seanpdoyle left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@yykamei @rafaelfranca @seanpdoyle