Last Comment Bug 649566 - @keyframe(s) missing from <style> sanitizing code in nsHTMLFragmentContentSink
: @keyframe(s) missing from <style> sanitizing code in nsHTMLFragmentContentSink
Status: RESOLVED FIXED
:
Product: Core
Classification: Components
Component: CSS Parsing and Computation (show other bugs)
: Trunk
: All All
: -- normal (vote)
: mozilla6
Assigned To: :Ehsan Akhgari (out sick)
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-04-12 21:27 PDT by Craig Topper
Modified: 2011-04-20 11:02 PDT (History)
6 users (show)
ehsan: in‑testsuite+
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---
-
fixed
?
?
?


Attachments
Patch (v1) (6.22 KB, patch)
2011-04-14 12:20 PDT, :Ehsan Akhgari (out sick)
bzbarsky: review+
dbaron: approval‑mozilla‑aurora+
Details | Diff | Review

Description Craig Topper 2011-04-12 21:27:17 PDT
This code contains case statements for every other CSS rule type so should probably have the keyframe(s) rule types too.
Comment 1 Craig Topper 2011-04-12 21:28:23 PDT
The code is missing DOCUMENT_RULE too.
Comment 2 David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch) 2011-04-13 10:39:59 PDT
It should really also:
 (a) have a default: case, and set didSanitize to true in that case
 (b) handle a bunch of the rule classes it explicitly doesn't handle
Comment 4 David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch) 2011-04-13 12:58:46 PDT
Pointer to code in question:
http://hg.mozilla.org/mozilla-central/file/a6467a88b056/content/html/document/src/nsHTMLFragmentContentSink.cpp#l1180
Comment 5 :Ehsan Akhgari (out sick) 2011-04-14 12:20:03 PDT
Created attachment 526076 [details] [diff] [review]
Patch (v1)
Comment 6 Boris Zbarsky [:bz] (Out June 25-July 6) 2011-04-14 12:40:26 PDT
Comment on attachment 526076 [details] [diff] [review]
Patch (v1)

r=me, but file a followup on maybe leaving the group rules in but sanitizing their contents?
Comment 7 :Ehsan Akhgari (out sick) 2011-04-14 13:04:38 PDT
Filed bug 650094.

CCing Henri as this patch probably steps on his tows...
Comment 8 Henri Sivonen (:hsivonen) 2011-04-15 03:28:20 PDT
(In reply to comment #7)
> CCing Henri as this patch probably steps on his tows...

Thanks. Whichever of the patch here and or the patch for bug 482909 lands first causes the patch for the other one to rot in such a way that eventually the fix here has to be rewritten on top of bug 482909.
Comment 9 :Ehsan Akhgari (out sick) 2011-04-15 07:02:48 PDT
http://hg.mozilla.org/mozilla-central/rev/4af1022fca83
Comment 13 David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch) 2011-04-19 15:29:52 PDT
Comment on attachment 526076 [details] [diff] [review]
Patch (v1)

a=dbaron for mozilla-aurora (from triage meeting)
Comment 14 David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch) 2011-04-19 15:30:40 PDT
Not tracking though, but please land on aurora.
Comment 15 :Ehsan Akhgari (out sick) 2011-04-20 11:02:50 PDT
http://hg.mozilla.org/mozilla-aurora/rev/b77a491994c1

Note You need to log in before you can comment on or make changes to this bug.