Closed Bug 649566 Opened 13 years ago Closed 13 years ago

@keyframe(s) missing from <style> sanitizing code in nsHTMLFragmentContentSink

Categories

(Core :: CSS Parsing and Computation, defect)

Product:
Core
Component:
CSS Parsing and Computation
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla6
Tracking Flags:
Tracking Status
firefox5 - fixed
status2.0 --- ?
status1.9.2 --- ?
status1.9.1 --- ?

People

(Reporter: craig.topper, Assigned: ehsan.akhgari)

Details

Attachments

(1 file)

Patch (v1)
6.22 KB, patch
bzbarsky
: review+
dbaron
: approval-mozilla-aurora+
Details | Diff | Splinter Review 
This code contains case statements for every other CSS rule type so should probably have the keyframe(s) rule types too.
The code is missing DOCUMENT_RULE too.
It should really also:
 (a) have a default: case, and set didSanitize to true in that case
 (b) handle a bunch of the rule classes it explicitly doesn't handle
Attached patch Patch (v1)Splinter Review 
Assignee: nobody → ehsan
Status: NEW → ASSIGNED

        Attachment #526076 -
        Flags: review?(bzbarsky)

    
    

    
  
Comment on attachment 526076 [details] [diff] [review]
Patch (v1)

r=me, but file a followup on maybe leaving the group rules in but sanitizing their contents?

        Attachment #526076 -
        Flags: review?(bzbarsky) → review+

    
    

    
  
Filed bug 650094.

CCing Henri as this patch probably steps on his tows...

    
    

    
  
(In reply to comment #7)
> CCing Henri as this patch probably steps on his tows...

Thanks. Whichever of the patch here and or the patch for bug 482909 lands first causes the patch for the other one to rot in such a way that eventually the fix here has to be rewritten on top of bug 482909.

    
    

    
  
http://hg.mozilla.org/mozilla-central/rev/4af1022fca83
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
Target Milestone: --- → mozilla6

    
  

          status1.9.1:
          --- → ?

          status1.9.2:
          --- → ?

          status2.0:
          --- → ?

          status-firefox5:
          --- → affected

          tracking-firefox5:
          --- → ?

    
    

    
  
Comment on attachment 526076 [details] [diff] [review]
Patch (v1)

a=dbaron for mozilla-aurora (from triage meeting)

        Attachment #526076 -
        Flags: approval-mozilla-aurora+

    
    

    
  
Not tracking though, but please land on aurora.

          tracking-firefox5:
          ?-

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: