WordPress.org

Make WordPress Core

Changes between Initial Version and Version 2 of Ticket #47595


Ignore:
Timestamp:
06/24/2019 08:33:33 AM (19 months ago)
Author:
westonruter
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #47595

    • Property Keywords has-patch added
  • Ticket #47595 – Description

    initial v2  
    1111The result is that not only are the HTML5 input types used (e.g. `email`) but the comment form itself also gets a `novalidate` attribute added to it. This prevents HTML5 client-side validation from being performed on comment form when submitting which was added due to [https://core.trac.wordpress.org/ticket/15080#comment:2 concerns] about browsers implementing validation in very different ways. Nevertheless, this concern  was about browsers ''9 years ago'' so it would be worthwhile to see if this is still a problem. (The attribute was added in #15080 via r23689.)
    1212
    13 If `novalidate` remains important to keep there is a case for optionally allowing it to be removed in order to rely only on client-side validation only. In the [https://wordpress.org/plugins/pwa/ PWA feature plugin] adds support for '''Offline Commenting'''. This works by having the service worker intercept the `POST` submission to `wp-comments-post.php`: it makes the request, and if it fails fails due to the user being offline, the service worker will replay it later when the user comes back online via the [https://github.com/WICG/BackgroundSync BackgroundSync API]. However, if client-side validation was not performed then it is possible the user omitted a required field or provided a bad email address, so when they do come back online and the comment is synced, the server would then reject it and it would be more difficult for the user then to find out that their previously-posted comment actually failed. If no filter is available for removing the `novalidate` attribute, then it has to get removed via hacks like using JS or via PHP with output buffering.
     13If `novalidate` remains important to keep there is a case for optionally allowing it to be removed in order to rely only on client-side validation only. The [https://wordpress.org/plugins/pwa/ PWA feature plugin] adds support for '''Offline Commenting'''. This works by having the service worker intercept the `POST` submission to `wp-comments-post.php`: it then makes the request, and if it fails fails due to the user being offline, the service worker will replay it later when the user comes back online via the [https://github.com/WICG/BackgroundSync BackgroundSync API]. However, if client-side validation was not performed then it is possible the user omitted a required field or provided a bad email address, so when they do come back online and the comment is synced, the server would then reject it and it would be more difficult for the user then to find out that their previously-posted comment actually failed. If no filter is available for removing the `novalidate` attribute, then it has to get removed via hacks like using JS or via PHP with output buffering.
    1414
    1515But again, is there still a case for adding the `novalidate` attribute in the first place? Is not client-side validation a ''better user experience'' (if browsers now are now consistent in  validation)? For that matter, is there even a case for the `format` attribute and shouldn't HTML5 ''always'' be used?