Form Participation API #305
Comments
|
Hey! Had a chance to take a preliminary look at this... Of the two major features introduced, the event part seems pretty nice; the custom elements integration part raises a lot of major questions. Just focusing on the event part: Q: formdata event is fired last in sequence. This means validation has been done previously. As developers will want to add their own data into the form submission (via formData), would they want to have that data validated? Assuming if programmatically added, then data can be synchronously validated. Q: 'formdata' is synchronous (https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#form-submission-algorithm) which means that it will be possible to submit another form (or the same form) from within the form submission steps with this event. This could lead to problems, and should probably be protected. (Possible options include changing the form submission steps to go in-parallel after firing the submit event and queue the formdata event, or limit re-entrancy by adding a form-submit-in-progress flag or similar. |
|
Thank you for the comment.
I assume developers rarely want to validate data for Adding I'd like to start with the current design. If many developers want to cancel form submission in
Yeah, form submission in |
torgo
changed the title
|
I updated the document.
|
|
I'd like to start to merge the proposal to the HTML specification. Are there any feedbacks? |
|
Is there any reason why the proposal is in a Google doc? And not in a markdown file inside of a pull request? |
|
@mkay581 You can add comments to the doc without your Google account. The proposal was initially reviewed in Google, and the TAG review process doesn't ask to provide proposals in markdown as pull requests. So I have no reason to change the form of the proposal. |
|
Sure. But these types of subtle inconveniences are what I believe keeps the open-source community fragmented. You don't (and probably shouldn't) need a hard authoritative rule just to make things convenient for the community. Having it in github makes things like this easier to request comments on both before and after this is potentially considered. Having it in a separate document doesn't keep it versioned under github after this has been reviewed. And I don't see there being any dedicated Github repo for this proposal. Anonymous Comments on a google doc (without logging in) doesn't give me any type of notifications on version changes or other comments. If changes can be made to it in Google and nobody is aware, it just defeats the whole purpose of this being an open community-involved process. |
|
Specification PRs: |
|
While I don't think it's a big deal, I'd note that I think the answers to the first two questions in the Security and Privacy self-review are a little suspicious -- users frequently do put personally-identifiable information or high-value data into form controls. But I don't think this proposal is substantially changing the characteristics that the web already has given its existing form controls, so I don't immediately see anything to worry about. |
lknik
added
Progress: pending external feedback
|
Discussing it at Reykjavik F2F. |
|
@lknik |
|
@tkent-google did you answer @dbaron somewhere? |
|
Hi, @tkent-google! We briefly discussed this on our telcon tonight. Overall, we like the shape of the API and don't have any particular concerns to raise that haven't already come up. Thanks for bringing this to our attention! |
Bonjour TAG,
I'm requesting a TAG review of:
Further details (optional):
You should also know that...
We understand the proposal doesn't follow "3.2. Events are for notification" and "3.3. Favor asynchronous events" in the Design Principles.
We'd prefer the TAG provide feedback as (please select one):
The text was updated successfully, but these errors were encountered: