Overview
Align with Editor → Sanitization & security. If sanitization runs in Rust/WASM, keep a single policy shared with the JS path (see Clipboard & input routing).
Content Security Policy
script-src and wasm-unsafe-eval (or nonces/hashes) affect how browsers load compiled modules. Review official docs when upgrading browsers; policies evolve.
Relaxing CSP to “make WASM work” can widen XSS exposure; keep the policy tight around hosts you control.
SRI & module integrity
Serve WASM and JS from trusted origins; use integrity attributes where your toolchain supports them so CDN swaps are detected.
Paste & XSS with WASM sanitize
Pasted HTML is untrusted input. Whether you sanitize in JS or WASM, block scripts, javascript: URLs, and inline event handlers consistently before inserting into the DOM.
Third-party embeds
Embedding your editor in iframes or foreign sites changes COOP/COEP and worker availability, so retest (see Tooling, bundle & workers).
Wasm guides
Editing approaches
contenteditable + WASM: source of truth, event order, DOM↔model loop, normalization, and when to call Rust.
IME & composition
composition events, syncing a Rust document model, and why the browser still owns the IME.
JS ↔ WASM boundary
Strings, copies, batched ops, async vs input events, and keeping the hot path cheap.
Clipboard & input routing
beforeinput, paste, routing decisions in JS vs sanitization in WASM.
Tooling, bundle & workers
wasm-pack, wasm-opt, code splitting, Web Workers, COOP/COEP and threads.
Collaboration & CRDT (WASM)
Yrs/y-crdt, bridging to Yjs, snapshots vs update streams with an editor host.
Selection, Range & offsets
UTF-16 vs UTF-8 indices, Selection/Range in JS, mapping to a Rust model and getTargetRanges.
Undo & redo model
Browser undo stack vs model history, programmatic DOM, and WASM-hosted transactions.
Accessibility (WASM host)
Roles, focus, screen readers when the editable surface is still the browser.
Testing & debugging
E2E, profiling the JS↔WASM boundary, reproducing IME and paste in CI.