Sanitizer API config handling (`allowUnknownMarkup` & stricter allow-list, etc.)
Categories
(Core :: DOM: Security, task, P3)
Tracking
()
Tracking | Status | |
---|---|---|
firefox105 | --- | fixed |
People
(Reporter: freddy, Assigned: tschuster)
References
(Blocks 1 open bug)
Details
(Whiteboard: [domsecurity-backlog1], [wptsync upstream])
Attachments
(7 files)
First of all, the Sanitizer API should be more strict to ensure that elements stated in e.g. `allowElements` are a subset of the baseline.
The Sanitizer API also got a new bool flag `allowUnknownMarkup`, that is required to add elements to the allow-list: This is for the use-cases of popular frameworks that use attribute & element names which are formally unknown to HTML.
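The two rules in the description above, as an added sketch that is not Firefox's or the specification's code: names known to HTML must be in the baseline, and names unknown to HTML are accepted only when `allowUnknownMarkup` is set. `BASELINE`, `KNOWN_HTML`, `elementKind` and `effectiveAllowElements` are hypothetical names, both lists are short constructed stand-ins, and custom elements are left out.

```javascript
// Constructed stand-ins: the real baseline and the set of element names known
// to HTML are far longer and are defined by the spec, not by this sketch.
const BASELINE = new Set(["a", "b", "div", "em", "p", "span"]);
const KNOWN_HTML = new Set([...BASELINE, "script", "iframe", "object"]);

// Assumption: an element is "regular" if HTML defines it, otherwise "unknown".
function elementKind(name) {
  return KNOWN_HTML.has(name) ? "regular" : "unknown";
}

// Returns the allow-list that would actually be enforced for a config,
// together with every rejected entry and the rule that rejected it.
function effectiveAllowElements(config) {
  const allowed = [];
  const rejected = [];
  // Assumption: with no allowElements given, the baseline itself is used.
  for (const name of config.allowElements ?? [...BASELINE]) {
    const kind = elementKind(name);
    if (kind === "regular" && !BASELINE.has(name)) {
      // Rule 1: the allow-list must be a subset of the baseline.
      rejected.push({ name, reason: "not in baseline" });
    } else if (kind === "unknown" && config.allowUnknownMarkup !== true) {
      // Rule 2: unknown names need the explicit opt-in flag.
      rejected.push({ name, reason: "allowUnknownMarkup not set" });
    } else {
      allowed.push(name);
    }
  }
  return { allowed, rejected };
}

// Constructed config: one baseline element, one known element outside the
// baseline, and one framework-style name that HTML does not define.
const sample = ["p", "script", "frameworkwidget"];
console.log(effectiveAllowElements({ allowElements: sample }));
console.log(effectiveAllowElements({ allowElements: sample, allowUnknownMarkup: true }));
```

Setting the flag never widens the baseline check: `script` is rejected in both calls, and only the unknown name changes outcome.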
Comment 1•2 years ago (Assignee)
Comment 2•2 years ago (Assignee)
Depends on D152271
Comment 3•2 years ago (Assignee)
I realized that for incrementally improving the Sanitizer I need to make some changes. We have been asking people to fuzz and look for issues with the Sanitizer API and are paying bug bounties for it already. Currently this seems to mean everyone is looking at the mostly vanilla nsTreeSanitizer code that doesn't follow the spec at all. Obviously that isn't really a good way of improving the spec and making sure what we are going to ship matches what is being investigated. This seems like a bit of a wasted effort to me, unless we actually plan on shipping one thing and specifying something else.
I think to not block myself here I am going to add a pref like `dom.security.sanitizer.in_dev_no_bounty` ;) and otherwise fall back to the normal sanitizer. We already know that we have holes in our current code; I don't think paying bounties for that until we are finished is very worthwhile.
Comment 4•2 years ago (Assignee)
The spec for this is known to be wrong or not clearly defined and I am also not really sure how to properly implement this.
Depends on D153208
Comment 5•2 years ago (Assignee)
Depends on D153332
Comment 6•2 years ago (Assignee)
Depends on D153361
Pushed by tschuster@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/f202ecb8e326 Start rewrite of Sanitizer API for elements. r=emilio
https://hg.mozilla.org/integration/autoland/rev/f3fdb2e60003 Update WPT. r=emilio
https://hg.mozilla.org/integration/autoland/rev/6c9de79e8c93 Implement probably wrong element kind handling. r=emilio
Created web-platform-tests PR https://github.com/web-platform-tests/wpt/pull/35376 for changes under testing/web-platform/tests
Comment 9•2 years ago (Assignee)
Depends on D153362
Comment 10•2 years ago
bugherder
Upstream PR merged by moz-wptsync-bot
Comment 12•2 years ago (Assignee)
Depends on D153362
Comment 13•2 years ago
Pushed by tschuster@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/663a63dc8d10 Logging. r=emilio
https://hg.mozilla.org/integration/autoland/rev/0ad466c99d65 Re-Implement attribute sanitization. r=emilio
https://hg.mozilla.org/integration/autoland/rev/9cb1c3968402 Remove lowercasing of elements/attributes. r=emilio
https://hg.mozilla.org/integration/autoland/rev/30fda37b200f Handle funky attributes in Sanitizer. r=emilio
Comment 14•2 years ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/663a63dc8d10
https://hg.mozilla.org/mozilla-central/rev/0ad466c99d65
https://hg.mozilla.org/mozilla-central/rev/9cb1c3968402
https://hg.mozilla.org/mozilla-central/rev/30fda37b200f