Open
Bug 1203102
Opened 9 years ago
Updated 2 years ago
Relax restrictions on <animate> and <set> elements in SVG content in nsTreeSanitizer
Categories
(Core :: DOM: Security, defect, P3)
Core
DOM: Security
Tracking
()
NEW
People
(Reporter: Gijs, Unassigned)
References
Details
(Whiteboard: [adv-main42-][domsecurity-backlog1])
In bug 1182778 I'm stripping all of <animate> and <set>. In theory, it should be possible to only strip the attributeName if the attribute that's being animated/set is not supposed to be set in the first place. Because of namespaces, I expect that's not trivial. Marking sec-sensitive because 1182778 is still hidden.
|
||
Updated•9 years ago
|
Group: core-security → dom-core-security
|
||
Updated•9 years ago
|
Whiteboard: [adv-main42-]
|
||
Comment 1•8 years ago
|
||
Can we open this up now?
status-firefox43:
affected → ---
Flags: needinfo?(gijskruitbosch+bugs)
|
Reporter | |
Comment 2•8 years ago
|
||
(In reply to Ryan VanderMeulen [:RyanVM] from comment #1) > Can we open this up now? Yes. (I can't, though, so pinging the needinfo back.)
Flags: needinfo?(gijskruitbosch+bugs) → needinfo?(ryanvm)
|
|
||
Updated•8 years ago
|
Group: dom-core-security
Flags: needinfo?(ryanvm)
|
||
Updated•3 years ago
|
Component: DOM: Core & HTML → DOM: Security
|
||
Updated•3 years ago
|
Severity: normal → S3
Priority: -- → P3
Whiteboard: [adv-main42-] → [adv-main42-][domsecurity-backlog1]
You need to log in
before you can comment on or make changes to this bug.
Description
•