Open
Bug 1903717
Opened 8 months ago
Updated 3 months ago
Implement default-policy support for Trusted Types
Categories
(Core :: DOM: Security, task, P3)
Core
DOM: Security
Tracking
()
NEW
People
(Reporter: mbrodesser-Igalia, Unassigned)
References
(Blocks 1 open bug)
Details
(Whiteboard: [domsecurity-active])
No description provided.
|
||
Comment 1•8 months ago
|
||
Am I right to assign this to you, Mirko? (if not, please reset flags/whiteboard/assignee).
Assignee: nobody → mbrodesser
Severity: -- → N/A
Status: NEW → ASSIGNED
Priority: -- → P3
Whiteboard: [domsecurity-active]
|
Reporter | |
Comment 2•8 months ago
|
||
Just filed this ticket for structuring the remaining work.
Assignee: mbrodesser → nobody
Status: ASSIGNED → UNCONFIRMED
Ever confirmed: false
Whiteboard: [domsecurity-active]
|
|
Reporter | |
Comment 4•8 months ago
|
||
Remaining for the feature :-). Presumably to be implemented by me.
Flags: needinfo?(mbrodesser)
|
||
Updated•7 months ago
|
Status: UNCONFIRMED → NEW
Ever confirmed: true
Whiteboard: [domsecurity-active]
|
|
Reporter | |
Comment 5•6 months ago
|
||
Relevant test for Element.insertAdjacentHTML: https://searchfox.org/mozilla-central/rev/b1b87f95ecea00828298d1b3cd3d8718f9fcc3fc/testing/web-platform/tests/trusted-types/block-string-assignment-to-Element-insertAdjacentHTML.html#154.
|
||
Comment 6•3 months ago
|
||
It's unclear to me whether it is useful to have a meta bug for the default policy specifically, given that the work is tracked by other meta bugs (injection sinks, pre-navig check, ...). After discussing with Mirko, he prefers to keep this open and suggested to use "see also" links instead.
You need to log in
before you can comment on or make changes to this bug.
Description
•