Closed Bug 1484644 Opened Last year Closed Last year

Investigate whitelisting xul attribute tooltiptext in DOM overlays

Categories

(Core :: Internationalization, enhancement, P3)

enhancement

Tracking

()

RESOLVED FIXED
mozilla64
Tracking Status
firefox64 --- fixed

People

(Reporter: Pike, Assigned: masterkrombi)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

We currently only allow tooltiptext on toolbarbutton.

But we use it on richlistitem, image, and button, at least, too.

Some picked up data-l10n-attrs to explicitly whitelist it, some apparently don't:

https://dxr.mozilla.org/mozilla-central/source/browser/components/preferences/in-content/sync.xul#79
https://dxr.mozilla.org/mozilla-central/source/browser/components/preferences/in-content/privacy.xul#328

Is this also something where we can bust tests if we strip attributes?
Looking at https://dxr.mozilla.org/mozilla-central/source/dom/webidl/XULElement.webidl#65, tooltiptext is defined on xul element, so we should probably add it to general?
yeah, totally. Anyone wants to write a patch? :)
Assignee: nobody → gandalf
Priority: -- → P3
Assignee: gandalf → masterkrombi
Status: NEW → ASSIGNED
Can you also whitelist `title` on `window`?

Here are attributes we manually whitelist: https://searchfox.org/mozilla-central/search?q=data-l10n-attrs&path=

I think `style` should remain whitelisted per case, but title definitely can be added to the global whitelist.
Pushed by jwein@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/67a3276d3b4e
Whitelist title and tooltiptext for XUL r=zbraniecki
https://hg.mozilla.org/mozilla-central/rev/67a3276d3b4e
Status: ASSIGNED → RESOLVED
Closed: Last year
Resolution: --- → FIXED
Target Milestone: --- → mozilla64
You need to log in before you can comment on or make changes to this bug.