Page MenuHomePhabricator

Whitelist additional values for the WAI-ARIA role attribute on certain elements in wikitext
Closed, ResolvedPublic


Allowing WAI ARIA markup in wikitext would make it easier to make content accessible to people using screen readers, text-only browsers, etc. For example, this would make it possible to mark tables that are used purely for layout (as on portal pages, warning boxes, etc) as "presentational" (compare T26583).

See Also:

Event Timeline

bzimport raised the priority of this task from to Low.Nov 21 2014, 11:00 PM
bzimport set Reference to bz24659.
bzimport added a subscriber: Unknown Object (MLST).

bug 18338 is related, but it deals with interface messages / skin code, as opposed to content generated from wiki text.

We should be cautious when adding markup to wikitext as it is often misused. And the more markup we have the more it will be complicated to edit.

Adding ARIA in markup is not a priority now. Given the state of the english-speaking accessibility project, of the french accessibility project and the lack of accessibility projects in other languages: at best ARIA markup will simply not be used by editors.

However, it might become necessary later on.

WAI-ARIA roles allow HTML elements, such as <div>, to be given semantic associations for accessible browsing.(1) Several HTML5 semantic tags remain blacklisted (see T25932), so the role attribute is, in many cases, the only method to attach roles to wikitext elements.

The role attribute's value must be exactly one non-abstract role to pass validation.(2)

The role attribute was whitelisted in 1.21, but only if its value is exactly equal to "presentation".(3) This implementation is problematic because it lets <link> and <meta> elements, if enabled, try to have an unallowed presentation role, and restricts other elements to only their default role or presentation.

The following roles, at minimum, are appropriate for editable wikitext. This is a conservative list that excludes abstract roles, interactive roles, live region roles, widget roles, and roles such as banner or main that might inappropriately duplicate roles better filled by content outside the wikitext container, or by the wikitext container itself.

  • columnheader, a cell with header information for a column
  • complementary, the default role for <aside> elements, a landmark and a supporting section relevant to the main content, such as an infobox
  • definition, a definition of a term
  • directory, a list of references to members of a group, such as a ToC
  • grid, for tabular data in rows, columns, and cells
  • gridcell, a single member of a grid
  • group, for sets of elements not to be included in a ToC or summary generated by assistive technologies (contrast region)
  • heading, the default role for <h1> through <h6> elements, for section headings
  • img, a collection of elements that form an image, may include a caption or other associated text
  • list, the default role for <ol> and <ul> elements, a non-interactive list of items
  • listitem, the default role for <li> elements, a single member of a directory or list
  • math, for representations of mathematical expressions
  • navigation, the default role for <nav> elements, a landmark and a collection of navigation elements, such as a navbox
  • note, for ancillary or parenthetical content, such as a "See also" hatnote
  • presentation, already whitelisted
  • region, the default role for <section> elements, for document sections to be included in a ToC or summary generated by assistive technologies (contrast group)
  • row, a row of cells in a grid
  • rowgroup, a group of row elements in a grid
  • rowheader, a cell with header information for a row in a grid
  • separator, the default role for <hr> elements, a visual break between list items, sections, etc.

The <abbr>(7), <b>(7), <bdi>(7), <bdo>(7), <blockquote>(6), <br>(7), <caption>(10), <data>(7), <dd>(6), <del>(8), <dfn>(7), <cite>(7), <code>(7), <div>(6), <dl>(6), <dt>(6), <em>(7), <i>(7), <ins>(8), <kbd>(7), <mark>(7), <p>(6), <pre>(6), <q>(7), <rb>(7), <rp>(7), <rt>(7), <rtc>(7), <ruby>(7), <s>(7), <samp>(7), <small>(7), <span>(7), <strong>(7), <sub>(7), <sup>(7), <table>(10), <td>(10), <th>(10), <time>(7), <tr>(10), <u>(7), <var>(7), and <wbr>(7) elements allow any ARIA role.

That leaves only a handful of currently whitelisted elements with role restrictions. The <h1> to <h6>(5) elements allow heading and presentation. The <hr>(6) element allows separator and presentation. The <img>(9) element allows only presentation with empty alt text, or any role with non-empty alt text. The <ol>(6) element allows list, directory and presentation. The <ul>(5) element allows list, directory, group, and presentation. The <li>(6) element allows listitem and presentation. The <link> and <meta>(4) elements allow none of the above roles.

The remainder of whitelisted elements, such as <center>, are not in the HTML5 spec and not covered here.


  1. W3C, WAI-ARIA spec, The Roles Model
  2. W3C, WAI-ARIA implementation guide, Role mapping
  3. Diffusion commit: Support WAI-ARIA's role="presentation" inside of WikiText
  4. W3C, HTML5 spec, Document metadata
  5. W3C, HTML5 spec, Sections
  6. W3C, HTML5 spec, Grouping content
  7. W3C, HTML5 spec, Text-level semantics
  8. W3C, HTML5 spec, Edits
  9. W3C, HTML5 spec, Embedded content
  10. W3C, HTML5 spec, Tabular data
MattFitzpatrick renamed this task from allow WAI ARIA attributes in wikitext to Whitelist additional values for the WAI-ARIA role attribute on certain elements in wikitext.Oct 2 2015, 4:47 AM
MattFitzpatrick set Security to None.

Change 243383 had a related patch set uploaded (by Matt Fitzpatrick):
Whitelist additional WAI-ARIA attributes, implement a role whitelist

I saw daniel also mentioned ARIA attributes, so the patch I submitted also whitelists a subset of aria-* attributes defining non-interactive properties, such as labels. Since they're non-interactive they're potentially useful even where user interaction like forms and scripts are not present. And since they all happen to be global properties, they're allowed on all elements by definition, so they can be dropped right into the $common array of attributes whitelisted for all elements.

  • aria-describedby="(space-delimited list of HTML ids)"
  • aria-flowto="(space-delimited list of HTML ids)"
  • aria-label="(string)"
  • aria-labelledby="(space-delimited list of HTML ids)"
  • aria-owns="(space-delimited list of HTML ids)"

Reference: W3C, WAI-ARIA spec, Supported states and properties

WOW, interesting work. Thanks for the patch.

Krinkle removed a project: Parser.
Krinkle removed a subscriber: wikibugs-l-list.

tstarling suggested at Gerrit that validation on the role attribute is unnecessary, so this patch has been scaled way back. It now simply whitelists the aria-* and role attributes (and escapes id's passed as aria-* values, to avoid unexpected id mismatches).

Can anyone think of a reason why role attribute validation is needed in Sanitizer? Otherwise we can keep it simple.

Change 243383 merged by jenkins-bot:
Whitelist additional WAI-ARIA attributes, and all role values

FreedomFighterSparrow claimed this task.

This is now merged, so I see no reason why it was left open.