commit 15dd40aa7f725c868574151737f8f0af36d6a3fc
parent 1682fec657a997ce5ed5032b33b6cfa23bde9645
Author: Tom Schuster <tschuster@mozilla.com>
Date: Wed, 10 Dec 2025 09:56:47 +0000
Bug 2004683 - Sanitizer: The default config should materialize empty element's attributes. r=freddyb
Differential Revision: https://phabricator.services.mozilla.com/D275434
Diffstat:
1 file changed, 8 insertions(+), 0 deletions(-)
diff --git a/dom/security/sanitizer/Sanitizer.cpp b/dom/security/sanitizer/Sanitizer.cpp
@@ -578,6 +578,9 @@ void Sanitizer::IsValid(ErrorResult& aRv) {
// Step 7.1.1 For any element in config[elements]:
for (const auto& entry : *mElements) {
const CanonicalElementAttributes& elemAttributes = entry.GetData();
+ MOZ_ASSERT(
+ elemAttributes.mAttributes || elemAttributes.mRemoveAttributes,
+ "Canonical elements must at least have removeAttributes");
// Step 7.1.1.1. Neither element[attributes] or
// element[removeAttributes], if they exist, has duplicates.
@@ -782,6 +785,11 @@ void Sanitizer::MaybeMaterializeDefaultConfig() {
}
i++;
elementAttributes.mAttributes = Some(std::move(attributes));
+ } else {
+ // In the default config all elements have a (maybe empty) `attributes`
+ // list.
+ CanonicalAttributeSet set{};
+ elementAttributes.mAttributes = Some(std::move(set));
}
CanonicalElement elementName(name, aNamespace);
