From https://github.com/whatwg/html/issues/2253:

"""
HTML's parsing mechanism will automatically close <form>, <textarea>, <option>, <button> elements at the end of a file. This is fine from a parsing perspective, but the behavior does enable dangling markup attacks, such as those described in http://www.thespanner.co.uk/2011/12/21/html-scriptless-attacks/ and section 2 of http://lcamtuf.coredump.cx/postxss/.

I haven't added metrics to Chrome yet, and regexing this kind of data out of HTTPArchive is difficult, but my intuition is that we wouldn't break legitimate form submissions if we added a flag to elements noting whether they were in the stack of open elements during step 2 of https://html.spec.whatwg.org/#the-end, and prevented form submission (in the same way we decide on for #2252) if that flag was present on any of the form's submittable elements.

This change seems relatively low-risk, and would address a subset of dangling markup attacks that don't rely on a closing tag being present somewhere in the document.
"""