Bug 275352
Summary: | Remove Trusted Types enforcement from toggleAttribute | | |
---|---|---|---|
Product: | WebKit | Reporter: | Luke Warlow <lwarlow> |
Component: | DOM | Assignee: | Luke Warlow <lwarlow> |
Status: | RESOLVED FIXED | | |
Severity: | Normal | CC: | webkit-bug-importer |
Priority: | P2 | Keywords: | InRadar |
Version: | Safari 17 | | |
Hardware: | Unspecified | | |
OS: | Unspecified | | |
See Also: | https://github.com/web-platform-tests/wpt/pull/46691 | | |
Bug Depends on: | | | |
Bug Blocks: | 266630 | | |
Luke Warlow
Based on discussions with the Chromium folks, it turns out the enforcement inside of toggleAttribute was an accidental implementation bug rather than intentional (the integration with DOM was underspecified, so the spec originally worked off of the Chrome implementation). Based on this and the fact that toggling an attribute isn't an XSS vulnerability, the spec PR https://github.com/whatwg/dom/pull/1268 has been updated to not include this enforcement.
This bug tracks removing it from WebKit.
Luke Warlow
Pull request: https://github.com/WebKit/WebKit/pull/29712
EWS
Committed 279950@main (1ae029b5a34e): <https://commits.webkit.org/279950@main>
Reviewed commits have been landed. Closing PR #29712 and removing active labels.
Radar WebKit Bug Importer
<rdar://problem/129689673>