Open Bug 1909168 Opened 3 months ago Updated 2 months ago

Implement a fast-path for `Element.insertAdjacentHTML` and all other injecion sinks when trusted types aren't used

Categories

(Core :: DOM: Security, task)

Product:
Core
Component:
DOM: Security
Type:
task

Tracking

()

People

(Reporter: mbrodesser-Igalia, Unassigned)

References

(Depends on 1 open bug, Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-active])

See https://phabricator.services.mozilla.com/D216170#7453441.

Let's implement default policy support first. That needs to be done anyway and will shed light on whether this fast-path is indeed required.

Depends on: 1903717
Severity: -- → N/A
Whiteboard: [domsecurity-backlog]
Assignee: nobody → mbrodesser
Whiteboard: [domsecurity-backlog] → [domsecurity-active]

@Daniel: not yet working on this. Will presumably in the future.

Assignee: mbrodesser → nobody

This is definitely a blocker for trusted types. DoesSinkTypeRequireTrustedTypes is rather slow.

Summary: Implement a fast-path for `Element.insertAdjacentHTML` when trusted types are disabled → Implement a fast-path for `Element.insertAdjacentHTML` when trusted types aren't used
Summary: Implement a fast-path for `Element.insertAdjacentHTML` when trusted types aren't used → Implement a fast-path for `Element.insertAdjacentHTML` and all other injecion sinks when trusted types aren't used

A ./mach try perf run (still in progress) with TT enabled by default: https://treeherder.mozilla.org/perfherder/compare?originalProject=try&originalRevision=2aada6496bec8cf06b92125509ff8a42386f0fd2&newProject=try&newRevision=e40d1333e2836a8ef7bbd432e25ca0d8ec6818da&framework=13 to avoid premature optimization.

Edit: above perf run seems to miss the commits for TT, except the one flipping the pref.

You need to log in before you can comment on or make changes to this bug.