Closed
Bug 1445258
Opened 6 years ago
Closed 6 years ago
Erroneous "Removed unsafe attribute" warning on inline svg element ?
Categories
(Core :: DOM: Core & HTML, defect)
Core
DOM: Core & HTML
Tracking
()
RESOLVED
INVALID
| Tracking | Status | |
|---|---|---|
| firefox61 | --- | affected |
People
(Reporter: nchevobbe, Unassigned)
References
Details
**Steps to reproduce** 1. Go to "data:text/html,<meta charset=utf8><div style="display:grid">Hello" 2. Open the browser console 3. Open devtools' inspector 4. Select the "Layout" tab in the right panel **Expected results** Everything is fine **Actual results** There's the following warning in the browser console: > Removed unsafe attribute. Element: svg. Attribute: xmlns But: - When looking at the element with the browser toolbox, the xmlns attribute *is* still on the element. - If I remove it the icon I want to show is not displayed (because we're in a XUL document). --- The issue also appears when evaluating a node or an object in the webconsole. This is a bit of an issue because we want to enable the new console frontend in the browser console in Bug 1439616, but now if you try to evaluate something in the browser console that would return an object, you'd get the "Removed unsafe attribute" warning, which is not ideal.
|
Reporter | |
Updated•6 years ago
|
Summary: Erroneous "Removed unsafe attribute" warning ? → Erroneous "Removed unsafe attribute" warning on inline svg element ?
|
|
Reporter | |
Comment 1•6 years ago
|
||
Needinfo :gijs since he made the change that emits warning, although I think it's not the reporting that's faulty here
Flags: needinfo?(gijskruitbosch+bugs)
|
||
Comment 2•6 years ago
|
||
This is being shown because somewhere, there's a use of innerHTML or similar (fragment parsing) which is passing through the sanitizer which is removing the xmlns attribute. This doesn't mean there's no other content anywhere that has an xmlns attribute. You may be able to get more clarity by applying the patch in bug 1438553 in a local build and rebuilding with that, which should get you a stack.
|
|
||
Comment 3•6 years ago
|
||
(I hope comment #2 answers the question, let me know if you need more help...)
Flags: needinfo?(gijskruitbosch+bugs)
|
|
Reporter | |
Comment 4•6 years ago
|
||
It is, thanks. The issue being React using innerHTML in this case. Using those SVG images through CSS instead of inlining is probably the correct way of not having those warnings.
|
|
Reporter | |
Updated•6 years ago
|
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → INVALID
|
Assignee | |
Updated•5 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•