WebKit Bugzilla
RESOLVED FIXED
Bug 275352
Remove Trusted Types enforcement from toggleAttribute
https://bugs.webkit.org/show_bug.cgi?id=275352
Luke Warlow
Reported
2024-06-11 04:39:42 PDT
Based on discussions with the Chromium folks, it turns out the enforcement inside of toggleAttribute was an accidental implementation bug rather than intentional (the integration with DOM was underspecified, so the spec originally worked off of the Chrome implementation). Based on this and the fact that toggling an attribute isn't an XSS vulnerability, the spec PR https://github.com/whatwg/dom/pull/1268 has been updated to not include this enforcement. This bug tracks removing it from WebKit.
Luke Warlow
Comment 1
2024-06-11 05:59:09 PDT
Pull request: https://github.com/WebKit/WebKit/pull/29712
EWS
Comment 2
2024-06-12 09:56:22 PDT
Committed 279950@main (1ae029b5a34e): <https://commits.webkit.org/279950@main>
Reviewed commits have been landed. Closing PR #29712 and removing active labels.
Radar WebKit Bug Importer
Comment 3
2024-06-12 09:58:22 PDT
<rdar://problem/129689673>