[wpt-sync] Sync PR 21664 - [Trusted Types] Only accept parser's HTMLScriptElement::TextChildContent.
Categories
(Core :: DOM: Security, task, P4)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox75 | --- | fixed |
People
(Reporter: mozilla.org, Unassigned)
References
()
Details
(Whiteboard: [wptsync downstream][domsecurity-backlog])
Sync web-platform-tests PR 21664 into mozilla-central (this bug is closed when the sync is complete).
PR: https://github.com/web-platform-tests/wpt/pull/21664
Details from upstream follow.
Daniel Vogelheim <vogelheim@chromium.org> wrote:
[Trusted Types] Only accept parser's HTMLScriptElement::TextChildContent.
A script might get access to an HTMLScriptELement instance before the parser
has finished parsing. In that case, the script might manipulate the content
before HTMLScriptElement::FinishParsingChildren() is called, and we should not
accept the TextChildContent() as having come from the parser. We resolev this
by remembering whether the HTMLScriptElement's children have ever been changed
by the API, and if so don't uppdate the script_text_internal_slot_.Bug: 1033101
Change-Id: Ia4972b1deb967b82b36b05176cca7d587b73bd50
Reviewed-on: https://chromium-review.googlesource.com/2041622
WPT-Export-Revision: a4c6d5c86e3e4fb095f9867742b20986608caa87
|
Assignee | |
Updated•5 years ago
|
|
||
Updated•5 years ago
|
|
|
Assignee | |
Comment 1•5 years ago
|
||
|
|
Assignee | |
Comment 2•5 years ago
|
||
CI Results
Ran 0 Firefox configurations based on mozilla-central, and Firefox, and Chrome on GitHub CI
Total 1 tests and 1 subtests
Status Summary
Firefox
OK : 1
FAIL: 1
Chrome
OK : 1
FAIL: 1
Links
Details
New Tests That Don't Pass
/trusted-types/HTMLScriptElement-internal-slot.tentative.html
Test TT application when manipulating <script> elements during loading.: FAIL (Chrome: FAIL)
|
||
Comment 4•5 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/91047e0348bf
https://hg.mozilla.org/mozilla-central/rev/1cfe26318529
Description
•