Bug 287107

Summary: Trusted Types runs extra code than neccessary when not used in CSP
Product: WebKit Reporter: Luke Warlow <lwarlow>
Component: DOMAssignee: Luke Warlow <lwarlow>
Status: RESOLVED FIXED    
Severity: Normal CC: webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: Other   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 266630    

Luke Warlow
Reported 2025-02-05 11:14:22 PST
Currently for sinks we check through the CSP policies each time the sink is hit. We can save this work by setting a flag on the document object (which we already have code to do for eval optimisations), and using that instead. We can also skip some work for various attribute methods, by using the same flag.
Attachments
Add attachment proposed patch, testcase, etc.
Luke Warlow
Comment 1 2025-02-05 11:20:42 PST
Pull request: https://github.com/WebKit/WebKit/pull/40068
Radar WebKit Bug Importer
Comment 2 2025-02-12 11:15:39 PST
<rdar://problem/144714872>
EWS
Comment 3 2025-02-18 14:38:04 PST
Committed 290561@main (160b58921311): <https://commits.webkit.org/290561@main> Reviewed commits have been landed. Closing PR #40068 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.