Open Bug 1945421 Opened 20 days ago Updated 19 days ago

Implement fast versions of GetTrustedTypesCompliant* functions

Categories

(Core :: DOM: Security, enhancement)

People

(Reporter: fredw, Unassigned)

References

(Blocks 1 open bug)

Details

In bug 1909168, we implemented a fast-path for injection sinks when trusted types aren't used, essentially an early return of the (stringified) input.

However, because GetTrustedTypesCompliant* functions could theoretically execute scripts when calling the default policy callback, we may need to store strong references to arguments before calling this function, which may add some overhead. The function call itself can add some overhead too. This can be undesirable in hot code such as the innerHTML setter.

Maybe we could introduce TryExtractTrustedTypesCompliant* functions, which would do the same early return of the (stringified) input in the cases where that's possible, and return nullptr otherwise. These functions could be marked inline to avoid the overhead of the function call. So the pattern for hot code paths would become:

compliantString = TryExtractTrustedTypesCompliant(...);
if (!compliantString) {
  // Maybe store strong references to the arguments here.
  compliantString = GetTrustedTypesCompliant(...);
}

I don't know if we want this pattern everywhere (that could be more code) but if so, probably GetTrustedTypesCompliant* could assert on !TryExtractTrustedTypesCompliant(...). Otherwise, it could just rely on TryExtractTrustedTypesCompliant(...) for its early return.
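
The pattern proposed above, as an added stand-alone C++ model (not Gecko code and not from the bug reporter). All names are hypothetical, `std::shared_ptr` stands in for a strong reference to a refcounted argument, and the only fast-path condition modelled is "Trusted Types not enforced".

```cpp
#include <cassert>
#include <functional>
#include <memory>
#include <string>

// Stand-alone model of the proposed pattern; every name here is hypothetical.
struct Sink { std::string html; };  // stands in for the element being written

struct TrustedTypesState {
  bool enforced = false;  // true when Trusted Types are required for this sink
  // Default policy callback. It is page script, so it can run arbitrary code.
  std::function<std::string(const std::string&)> default_policy;
};

// Fast path: cannot run script, so callers need no strong references.
inline const std::string* TryExtractCompliant(const TrustedTypesState& tt,
                                              const std::string& input) {
  return tt.enforced ? nullptr : &input;
}

// Slow path: may call the default policy. Returns false when the sink is blocked.
bool GetCompliant(const TrustedTypesState& tt, const std::string& input,
                  std::string& out) {
  assert(!TryExtractCompliant(tt, input));  // callers must try the fast path first
  if (!tt.default_policy) return false;
  out = tt.default_policy(input);
  return true;
}

// Hot setter. `slot` is the caller's handle; the policy callback may clear it.
bool SetInnerHTML(std::shared_ptr<Sink>& slot, const TrustedTypesState& tt,
                  const std::string& input) {
  if (const std::string* fast = TryExtractCompliant(tt, input)) {
    slot->html = *fast;  // no callback ran, so `slot` is still valid
    return true;
  }
  std::shared_ptr<Sink> keep_alive = slot;  // strong reference before script runs
  std::string compliant;
  if (!GetCompliant(tt, input, compliant)) return false;
  keep_alive->html = compliant;  // safe even if the callback reset `slot`
  return true;
}

int main() {
  auto node = std::make_shared<Sink>();
  TrustedTypesState off;  // Trusted Types not in use
  return SetInnerHTML(node, off, "<p>hi</p>") && node->html == "<p>hi</p>" ? 0 : 1;
}
```

The fast path pays for neither the extra reference nor the policy call; only the slow path takes `keep_alive`, which is what keeps the write valid if the callback drops the caller's last reference.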
