Page MenuHomePhabricator
Create Task
Maniphest T204618

Permit aria-hidden="true" in Sanitizer
Closed, ResolvedPublic
Actions

Description

The HTML attribute aria-hidden="true" should be whitelisted in https://phabricator.wikimedia.org/source/mediawiki/browse/master/includes/parser/Sanitizer.php$832 around line 832.

The effect is supposed to be rather similar to role="presentation" but the semantics are slightly different.

Elements which are repeating information already available but confusing for blind people shall be suppressed entirely.

A typical case is an eye-catching icon. That might be sufficient to explain the functionality completely for those who can see it, and such readers might ignore the textual description nearby. When listening the screenreader the icon will be mentioned and explained by name, but that does not tell anything. Such elements shall be omitted, focussing now on the remaining textual instructions. However, it is not always a presentational role.

While role="presentation" is intended for decorative elements, like images and lines, aria-hidden="true" shall suppress less important annotations, amendments, notes, which are confusing and related by optical position but not joined to what they shall extend, perhaps a joke or quote.

This is a follow-up of T26659.

Details

SubjectRepoBranchLines +/-
Whitelist `aria-hidden` attribute in Sanitizermediawiki/coremaster+7 -0
Whitelist `aria-hidden` attribute in Sanitizermediawiki/services/parsoidmaster+2 -0
Customize query in gerrit

Related Objects

Mentioned In
T26586: Add title= option for images
T240054: Move top level namespace from Parsoid to Wikimedia\Parsoid
T238845: Call to a member function serialize() on null
T235307: Stop using the Env class outside of the Parsoid library (particularly in the extension REST handlers)
T235273: Remove PHPUtils::jsSort routine (or make it no-op) once Parsoid/JS is retired
T242746: Update ParsoidExtensionAPI to be a coherent and functional extension API to aid extension implementations
T244413: PHP Warning: Use of undefined constant PAGE_UNAVAILABLE - assumed 'PAGE_UNAVAILABLE' (this will throw an Error in a future version of PHP)
T244412: PHP Warning: A non-numeric value encountered
T224445: Permit hidden attribute in Sanitizer
Mentioned Here
T235273: Remove PHPUtils::jsSort routine (or make it no-op) once Parsoid/JS is retired
T235307: Stop using the Env class outside of the Parsoid library (particularly in the extension REST handlers)
T238845: Call to a member function serialize() on null
T240054: Move top level namespace from Parsoid to Wikimedia\Parsoid
T242746: Update ParsoidExtensionAPI to be a coherent and functional extension API to aid extension implementations
T244412: PHP Warning: A non-numeric value encountered
T244413: PHP Warning: Use of undefined constant PAGE_UNAVAILABLE - assumed 'PAGE_UNAVAILABLE' (this will throw an Error in a future version of PHP)
rGPAR612106d2f3a0: Use extension config option for html2wt formatting of extension tags
T26659: Whitelist additional values for the WAI-ARIA role attribute on certain elements in wikitext

Event Timeline

PerfektesChaos created this task.Sep 17 2018, 10:46 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 17 2018, 10:46 PM
Aklapper added a project: Accessibility.Sep 20 2018, 8:54 AM
Aklapper updated the task description. (Show Details)
PerfektesChaos updated the task description. (Show Details)Sep 20 2018, 11:12 AM
Volker_E subscribed.Sep 20 2018, 7:37 PM

Sounds reasonable!

Krinkle added a project: Security-Team.Sep 20 2018, 7:39 PM
Izno moved this task from Unsorted to ARIA on the Accessibility board.Sep 22 2018, 6:02 PM
Jdforrester-WMF subscribed.Apr 4 2019, 5:44 PM
stjn mentioned this in T224445: Permit hidden attribute in Sanitizer.May 27 2019, 8:45 PM
sbassett triaged this task as Medium priority.Oct 4 2019, 5:30 PM
sbassett removed a project: Security-Team.
gerritbot added a comment.Oct 4 2019, 6:26 PM

Change 540931 had a related patch set uploaded (by C. Scott Ananian; owner: C. Scott Ananian):
[mediawiki/core@master] Whitelist aria-hidden attribute in Sanitizer

https://gerrit.wikimedia.org/r/540931

gerritbot added a project: Patch-For-Review.Oct 4 2019, 6:26 PM
gerritbot added a comment.Oct 4 2019, 6:32 PM

Change 540932 had a related patch set uploaded (by C. Scott Ananian; owner: C. Scott Ananian):
[mediawiki/services/parsoid@master] Whitelist aria-hidden attribute in Sanitizer

https://gerrit.wikimedia.org/r/540932

gerritbot added a comment.Jan 28 2020, 10:18 PM

Change 540931 merged by jenkins-bot:
[mediawiki/core@master] Whitelist aria-hidden attribute in Sanitizer

https://gerrit.wikimedia.org/r/540931

gerritbot added a comment.Jan 28 2020, 10:59 PM

Change 540932 merged by jenkins-bot:
[mediawiki/services/parsoid@master] Whitelist aria-hidden attribute in Sanitizer

https://gerrit.wikimedia.org/r/540932

ReleaseTaggerBot added a project: MW-1.35-notes (1.35.0-wmf.18; 2020-02-04).Jan 28 2020, 11:00 PM
cscott closed this task as Resolved.Jan 28 2020, 11:10 PM
cscott claimed this task.
Maintenance_bot removed a project: Patch-For-Review.Jan 28 2020, 11:10 PM
Volker_E awarded a token.Feb 1 2020, 2:54 AM
Stashbot mentioned this in T244412: PHP Warning: A non-numeric value encountered.Feb 10 2020, 9:43 PM
Stashbot mentioned this in T244413: PHP Warning: Use of undefined constant PAGE_UNAVAILABLE - assumed 'PAGE_UNAVAILABLE' (this will throw an Error in a future version of PHP).
Stashbot mentioned this in T242746: Update ParsoidExtensionAPI to be a coherent and functional extension API to aid extension implementations.
Stashbot mentioned this in T235273: Remove PHPUtils::jsSort routine (or make it no-op) once Parsoid/JS is retired.
Stashbot mentioned this in T235307: Stop using the Env class outside of the Parsoid library (particularly in the extension REST handlers).
Stashbot mentioned this in T238845: Call to a member function serialize() on null.

Mentioned in SAL (#wikimedia-operations) [2020-02-10T21:43:15Z] <arlolra> Updated Parsoid to 612106d2 (T244412, T244413, T242746, T235273, T235307, T238845, T204618, T240054)

Stashbot mentioned this in T240054: Move top level namespace from Parsoid to Wikimedia\Parsoid.Feb 10 2020, 9:43 PM
TheDJ subscribed.Feb 10 2020, 11:21 PM

Technically, role=presentation removes semantic meaning from dom elements and its children (makes a table not be a table), while aria-hidden removes 'content' from the accessibility dom tree.

PerfektesChaos added a comment.Feb 11 2020, 1:02 PM

That’s entirely right. For a single image (like an icon) the effect is the same.

However, for “Quote of the day” or “Did you know?“ and other distracting things text content is not affected by role=. Those are the actual targets of this task.

Note that WAI 1.1 is deprecating role="presentation" in favour of role="none" introduced recently.

  • Since blind users are even more reluctant to change a running system and cannot easily learn software changes, old systems are expected to be used for more than a decade.
  • role="presentation none" is supposed to overcome migration problems, but it is not clear whether old software would understand such a space separated list since traditionally only one keyword has been assigned.
  • role="presentation" will be maintained by new software anyway; it is the safest approach to keep exactly that for a long period.
Volker_E added a comment.Feb 11 2020, 9:04 PM

Excellent point, @PerfektesChaos!

PerfektesChaos mentioned this in T26586: Add title= option for images.Dec 6 2020, 1:14 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL