1779184 - Sanitizer API config handling (`allowUnknownMarkup` & stricter allow-list, etc.)

Status: RESOLVED FIXED

(Core :: DOM: Security, task, P3)

Description

[Frederik Braun [:freddy]]

First of all, the sanitizer API should be more strict to ensure that elements stated in e.g., allowElements are a subset of the baseline.
The Sanitizer API also got a new boolflag allowUnknownMarkup, that is required to add elements to the allow-list: This is for the use-cases of popular frameworks that use attributes & elements names which are formally unknown to HTML.

Comment 1

[Tom Schuster (MoCo)]

Attachment: Bug 1779184 - Start rewrite of Sanitizer API for elements. r?emilio

Comment 2

[Tom Schuster (MoCo)]

Attachment: Bug 1779184 - Update WPT. r?emilio

Depends on D152271

Comment 3

[Tom Schuster (MoCo)]

I realized that for incrementally improving the Sanitizer I need to make some changes. We have been asking people to fuzz and look for issues with the Sanitizer API and are paying bug bounties for it already. Currently this seems to mean everyone is looking at the mostly vanilla nsTreeSanitizer code that doesn't follow the spec at all. Obviously that isn't really a good way of improving the spec and making sure what we are going to ship matches what is being investigated. This seems like a bit of a wasted effort to me, unless we actually plan on shipping one thing and specifying something else.

I think to not block myself here I am going to add a pref that like dom.security.sanitizer.in_dev_no_bounty ;) and otherwise fallback to the normal sanitizer. We already know that we have holes in our current code, I don't think paying bounties for that until we are finished is very worthwhile.

Comment 4

[Tom Schuster (MoCo)]

Attachment: Bug 1779184 - Implement probably wrong element kind handling. r?emilio

The spec for this is known to be wrong or not clearly defined and I am also not really sure how to properly implement this.

Depends on D153208

Comment 5

[Tom Schuster (MoCo)]

Attachment: Bug 1779184 - Logging. r?emilio

Depends on D153332

Comment 6

[Tom Schuster (MoCo)]

Attachment: Bug 1779184 - Re-Implement attribute sanitization. r?emilio

Depends on D153361

Comment 7

[Pulsebot]

Pushed by tschuster@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/f202ecb8e326
Start rewrite of Sanitizer API for elements. r=emilio
https://hg.mozilla.org/integration/autoland/rev/f3fdb2e60003
Update WPT. r=emilio
https://hg.mozilla.org/integration/autoland/rev/6c9de79e8c93
Implement probably wrong element kind handling. r=emilio

Comment 8

[Web Platform Test Sync Bot [:wpt-sync] (Matrix: #interop:mozilla.org)]

Created web-platform-tests PR https://github.com/web-platform-tests/wpt/pull/35376 for changes under testing/web-platform/tests

Comment 9

[Tom Schuster (MoCo)]

Attachment: Bug 1779184 - Handle funky attributes in Sanitizer. r?emilio

Depends on D153362

Comment 10

[Cristian Tuns]

https://hg.mozilla.org/mozilla-central/rev/f202ecb8e326
https://hg.mozilla.org/mozilla-central/rev/f3fdb2e60003
https://hg.mozilla.org/mozilla-central/rev/6c9de79e8c93

Comment 11

[Web Platform Test Sync Bot [:wpt-sync] (Matrix: #interop:mozilla.org)]

Upstream PR merged by moz-wptsync-bot

Comment 12

[Tom Schuster (MoCo)]

Attachment: Bug 1779184 - Remove lowercasing of elements/attributes. r?emilio

Depends on D153362

Comment 13

[Pulsebot]

Pushed by tschuster@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/663a63dc8d10
Logging. r=emilio
https://hg.mozilla.org/integration/autoland/rev/0ad466c99d65
Re-Implement attribute sanitization. r=emilio
https://hg.mozilla.org/integration/autoland/rev/9cb1c3968402
Remove lowercasing of elements/attributes. r=emilio
https://hg.mozilla.org/integration/autoland/rev/30fda37b200f
Handle funky attributes in Sanitizer. r=emilio

Comment 14

[Marian-Vasile Laza]

https://hg.mozilla.org/mozilla-central/rev/663a63dc8d10
https://hg.mozilla.org/mozilla-central/rev/0ad466c99d65
https://hg.mozilla.org/mozilla-central/rev/9cb1c3968402
https://hg.mozilla.org/mozilla-central/rev/30fda37b200f