Bug 257349

Summary: Ignore dangling markup in target name
Product: WebKit Reporter: Jun Kokatsu <s.h.h.n.j.k>
Component: DOMAssignee: sideshowbarker <mike>
Status: RESOLVED FIXED    
Severity: Enhancement CC: annevk, cdumez, mike, webkit-bug-importer, wilander
Priority: P2 Keywords: InRadar
Version: Safari 16   
Hardware: Unspecified   
OS: Unspecified   

Jun Kokatsu
Reported 2023-05-25 14:23:53 PDT
To further restrict Dangling Markup injection mitigation[1], I requested a spec change in HTML to ignore dangling markup in target name[2]. I'd be great if y'all can work on this too :) [1] https://chromestatus.com/feature/5735596811091968 [2] https://github.com/whatwg/html/pull/9309
Attachments
Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2023-06-01 14:24:15 PDT
<rdar://problem/110134016>
sideshowbarker
Comment 2 2023-08-21 06:13:49 PDT
Pull request: https://github.com/WebKit/WebKit/pull/16885
EWS
Comment 3 2023-08-22 15:57:14 PDT
Committed 267154@main (6752480fe44b): <https://commits.webkit.org/267154@main> Reviewed commits have been landed. Closing PR #16885 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.