Closed Bug 1934775 Opened 3 months ago Closed 3 months ago

Port bug 1931282 - Implement Trusted Types support for DOMParser's parseFromString()

Categories

(Thunderbird :: Upstream Synchronization, task)

Product:
Thunderbird
Component:
Upstream Synchronization
Type:
task

Tracking

(thunderbird_esr128 unaffected, thunderbird134 unaffected)

Status:
RESOLVED FIXED
Milestone:
135 Branch
Tracking Flags:
Tracking Status
thunderbird_esr128 --- unaffected
thunderbird134 --- unaffected

People

(Reporter: mkmelin, Assigned: mkmelin)

References

Details

(Whiteboard: [tb-build-bustage])

Ah, sorry about that.

Basically the ParseFromString-variant that accepts nsAString has been renamed ParseFromStringInternal to make clear it's only used internally when we are sure the input HTML string is safe (not coming from third-party code). I guess Thunderbird could just use that everywhere it uses ParseFromString.

ParseFromString now instead accepts a TrustedHTMLOrString. It assumes the DOMParser has a non-null mOwner and will do extra sanitization as per the trusted type spec.

Thanks, we only had one usage. I'll fix that

Assignee: nobody → mkmelin+mozilla
Target Milestone: --- → 135 Branch

Pushed by mkmelin@iki.fi:
https://hg.mozilla.org/comm-central/rev/82b5dca8fc07
Port bug 1931282 - Implement Trusted Types support for DOMParser's parseFromString(). rs=bustage-fix

Status: NEW → RESOLVED
Closed: 3 months ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.