bug due to querySelector(All) assumptions #49
Description
At least one bug is caused by using querySelectorAll and assuming it only returns HTML elements:
const linkElements = Array.from(rootElement.querySelectorAll('a, area'))
linkElements
.filter(element => element.href.startsWith('javascript:'))
The HTML <a> and <area> elements guarantee that .href is a string (an empty string if the attribute is absent). But SVG’s <a> element does not, making these lines throw an error (discovered in the wild).
Need to check all uses of querySelector(All). Maybe we could…
- do an
instanceofcheck on the resulting elements; - or just check for the existence of the
hrefattribute (or should we avoid interfering with unexpected namespaces?); - or we could select the elements in some other way, e.g.
rootElement.getElementsByTagNameNS('http://www.w3.org/1999/xhtml','a').
Seperately (in scope of issue #27) we should check if javascript: URLs should be removed from SVG’s xlinks.