ported from the comments in issue #227

polx · polx · commit dcdade6a0789 · 2025-01-16T17:24:14.000+01:00
diff --git a/mathml-safe-list.md b/mathml-safe-list.md
@@ -0,0 +1,26 @@
+## MathML Safe List
+
+### Short Version
+MathML-core considers all elements and attributes of MathML-core (as listed in [section 2.1 of MathML-core](https://w3c.github.io/mathml-core/#mathml-elements-and-attributes)) as safe and not needing a sanitziation except the following elements.
+
+We recommend the [Sanitzer API](https://wicg.github.io/sanitizer-api/) to sanitize MathML by keeping all elements and attributes except the follwing:
+- any common attribute with HTML attributes which need a sanitzation,
+- the `maction` and `mphantom` elements (the element can be replaced by their first child), and
+- any `annotation` or `annotation-xml` element whose `encoding` attribute is of a media-type that is is either absent or is not among the trusted types or if it contains an `href` attribute.
+
+### Detailed Version
+MathML-core considers the following elements and attributes of MathML-core as safe and not needing sanitization:
+
+Safe "as-is" Elements of MathML-core:
+`math, merror, mfrac, mi, mmultiscripts, mn, mo, mover, mpadded, mprescripts, mroot,  mrow, ms, mspace, msqrt, mstyle, msub, msubsup, msup, mtable, mtd, mtext, mtr, munder, munderover, semantics`
+
+Attributes of MathML-core:
+`dir, displaystyle, mathbackground, mathcolor, mathsize, scriptlevel, encoding, display, linethickness, intent and arg`; on `mo` elements: `form, fence, separator, lspace, rspace, stretchy, symmetric, maxsize, minsize, largeop, movablelimits`; on `mpadded` elements: `width, height, depth, lspace, voffset`, on `mspace` elements: `width, height, depth`, on `munderover` elements `accent` and `accentunder`; on `mtd` elements `columnspan` and `rowspan`.
+
+Moreover, the following attributes have their syntax and semantics specified in the HTML specification. The sanitizer behaviour on these attributes should be as is done on HTML elements: `on*, id, class, style, data-*, autofocus, nonce,tabindex` (for example any javascript should be removed).
+
+The elements of MathML-core which need treatment by the sanitizers are the following:
+- `annotation` and `annotation-xml` if their `encoding` attribute is not considered of a safe type (e.g. if the encoding is `text/plain` then it could be kept). If removed, the element should be replaced by its first child.
+- `maction` is replaced by their first child
+- `mphantom` is removed
+
