Align the nsTreeSanitizer's safelist with our MathML implementation
Categories
(Core :: MathML, task)
Tracking
()
People
(Reporter: fredw, Unassigned, NeedInfo)
References
(Blocks 1 open bug)
Details
Attachments
(1 file)
We have recently been unshipping MathML attributes that are no longer part of MathML Core, sometimes adding global attributes like tabindex or on* event handler [1]. But nsTreeSanitizer has not always been kept in sync with those changes.
IIUC, nsTreeSanitizer is used to implement [2] so it's a web-exposed API and changing the MathML safelist is a behavior change. However, skimming over the spec, I can't see any explicit list of elements/attributes for MathML. Additionally, developers can always configure the sanitizer if they want to extend the element/attribute safelist [3], which they should probably for MathML where browser implementations are inconsistent. For example I believe the other implementation (Chromium) has a more restricted safelist based on MathML Core, at least for attributes [4] [5].
Given the above, I think we can restrict our MathML safelist and drop corresponding GkAtoms that we no longer use. Our element safe list [6] contains a number of MathML elements from "content markup" [7] that we have never implemented such as abs, and, apply, ... Similarly, the attribute safe list [8] contains attributes we don't implement (or that we removed) such as color, dir, subscriptshift, stackalign, scriptsizemultiplier....
[1] https://w3c.github.io/mathml-core/#mathml-elements-and-attributes
[2] https://wicg.github.io/sanitizer-api/#sanitizer-algorithms
[3] https://wicg.github.io/sanitizer-api/#config
[4] https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/renderer/modules/sanitizer_api/BUILD.gn;l=108;drc=7ac1d3e4b61674f8e8febf8f5a81897cd789cf2d
[5] https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/renderer/core/mathml/mathml_attribute_names.json5
[6] https://searchfox.org/mozilla-central/source/dom/base/nsTreeSanitizer.cpp#649
[7] https://www.w3.org/TR/MathML3/chapter4.html
[8] https://searchfox.org/mozilla-central/rev/839718c65b62ad1fca710390f472f834994da819/dom/base/nsTreeSanitizer.cpp#847
Reporter | ||
Comment 1•2 years ago
|
||
I'm tentatively assigning this task to Sirri Celles, who is currently doing a Coding Experience at Igalia.
Comment 2•2 years ago
|
||
The bug assignee is inactive on Bugzilla, so the assignee is being reset.
Comment 6•8 months ago
|
||
The bug assignee is inactive on Bugzilla, so the assignee is being reset.
Reporter | ||
Comment 7•13 days ago
|
||
@hsivonen: Do you remember what dev-platform thead you are referring to in bug 482909 comment 6 ? Because the present bug is a bit going the opposite direction to what you implemented.
Incidentally, for the Sanitizer API see https://github.com/w3c/mathml-core/issues/227
Description
•