HTML `img` element loading (at least per the HTML standard) does an active document check. It seems we should do a similar check for SVG `image` elements. It seems that only fixing this at the sanitizer level would still make us execute script as part of `XMLHttpRequest` or `DOMParser` or some such, right?
Bug 1666300 Comment 7 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
HTML `img` element loading (at least per the HTML standard) does an active document check. It seems we should do a similar check for SVG `image` elements. It seems that only fixing this at the sanitizer level would still make us execute script as part of `XMLHttpRequest` or `DOMParser` or some such, right? (Also, would fixing this at the sanitizer level prevent all network activity?)