Start a new topic

Allow contenteditable="true" on HTML elements

Currently, many chosters are finding unique and creative ways to create interactive chosts through the user of CSS and HTML. However, one thing that is missing is editable text.


By whitelisting the HTML attribute contenteditable="true", chosters could make HTML elements of their choice, within their chosts, editable by fellow chosters in an ephemeral way.


This is different from <input> in that it make elements such as <p> able to have their contents edited, said elements are more versatily themable, and most importantly, edited contents are not submitted in any shape or form to anything. It's not a form. It just tells the browser users can edit the internal contents, giving a fun additional method of interactivity with which to expand the novelty of chosts.


For example, this shitchost originally had contenteditable in mind: https://cohost.org/MisutaaAsriel/post/752374-div-style-backgrou


But alas, it does not work without the tag.


11 people like this idea

Im pretty sure this is the only change needed to be done (line 64ish in `lib/markdown.ts`) and it should be safe to allow, as im pretty sure it doesnt allow adding of elements to a page, only deleting them, and is unable to escape its parent element. 

image



2 people like this
https://developer.mozilla.org/en-US/docs/Web/HTML/Global_attributes/contenteditable Contenteditable neither allows adding elements nor modifying parent containers, and edits are ephemeral (that is, edits are lost when you navigate away, and local to the machine). Most importantly, contenteditable only applies to the **contents**, not their attributes or properties. It's relatively harmless on its own. Without any scripts to read and parse the edited content, this is no more dangerous than going into Developer Tools and manually changing the text of something locally, AFAIK. It's a novelty, but one which could make for some rather amusing and creative posts.
To clarify, it's even less dangerous than developer tools, because it's restricted to text information contained within an HTML element, not its properties nor anything else that developer tools would have access to. In laymen's terms: all this would do is let people change the text of a post locally until they navigate away from the page, and only on elements explicitly marked as editable (therefore intended to be editable) A novelty.

1 person likes this
Login or Signup to post a comment