tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE
commit 21c620c57790e5813371b252ef506e15bea88c75
parent 9d7faf035e9590310b3f6c86171a06aa30c29132
Author: Erik Nordin <enordin@mozilla.com>
Date:   Fri,  3 Oct 2025 16:01:48 +0000

Bug 1992423 - Use parseFromSafeString in translations-document.sys.mjs r=translations-reviewers,smaug,gregtatum

This patch updates the TranslationsDocument to use
`parseFromSafeString` when updating HTML elements with
their translated text. Without this, some security checks
may fail, causing the document to remain untranslated.

Differential Revision: https://phabricator.services.mozilla.com/D267430

Diffstat:

Mtoolkit/components/translations/content/translations-document.sys.mjs | 2+-


1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/toolkit/components/translations/content/translations-document.sys.mjs b/toolkit/components/translations/content/translations-document.sys.mjs
@@ -3244,7 +3244,7 @@ export class TranslationsDocument {
         } else if (element === targetNode) {
           elementCount++;
 
-          const translationsDocument = this.#domParser.parseFromString(
+          const translationsDocument = this.#domParser.parseFromSafeString(
             `<!DOCTYPE html><div>${translatedContent}</div>`,
             "text/html"
           );