Skip to content

Commit 38c3cf5

Browse files
authored
Fix links to innerHTML property (w3c#503)
1 parent 57153a8 commit 38c3cf5

File tree

1 file changed

+3
-9
lines changed

1 file changed

+3
-9
lines changed

spec/index.bs

Lines changed: 3 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -109,14 +109,8 @@ WorkerGlobalScope-importScripts.html
109109
</wpt>
110110

111111
<pre class="anchors">
112-
spec: DOM-Parsing; urlPrefix: https://w3c.github.io/DOM-Parsing/
113-
type: enum; text: SupportedType
114-
type: abstract-op; text: fragment parsing algorithm; url: html-fragment-parsing-algorithm
115-
spec: DOM-Parsing; url: https://w3c.github.io/DOM-Parsing/#dom-innerhtml; type: interface; text: InnerHTML
116112
urlPrefix: https://html.spec.whatwg.org/multipage/common-dom-interfaces.html; type: dfn; spec: HTML
117113
text: reflect
118-
url: https://heycam.github.io/webidl/#this; type: dfn; spec: WebIDL
119-
text: this
120114
spec:ECMA-262; urlPrefix: https://tc39.github.io/ecma262/
121115
type:abstract-op; text:ToString; url: sec-tostring
122116
type:abstract-op; text:Get; url: sec-get-o-p
@@ -127,7 +121,6 @@ spec: HTML; urlPrefix: https://html.spec.whatwg.org/
127121

128122
<pre class="link-defaults">
129123
spec:fetch; type:dfn; for:/; text:request
130-
spec:DOM Parsing; type:idl; for:Element; text:innerHTML
131124
spec:html; type:dfn; for:global object; text:realm
132125
spec:csp3; type:dfn; text:csp list
133126
spec:csp3; type:dfn; for:global object; text:csp list
@@ -330,8 +323,9 @@ Since HTML parsers can create arbitrary elements, including scripts, and set arb
330323
DOM XSS <a>injection sinks</a> also include HTML parsing sinks:
331324

332325
* Functions that parse & insert HTML strings into the document like
333-
{{InnerHTML/innerHTML|Element.innerHTML}},
334-
{{Element/outerHTML|Element.outerHTML}} setter, or Document.write.
326+
{{Element/innerHTML|Element.innerHTML}},
327+
{{ShadowRoot/innerHTML|ShadowRoot.innerHTML}},
328+
and {{Element/outerHTML|Element.outerHTML}} setters, or Document.write.
335329
* Functions that create a new same-origin {{Document}} with caller-controlled
336330
markup like {{DOMParser/parseFromString()}}.
337331

0 commit comments

Comments
 (0)