commit 3be744628aee5722f47451b439b4e1da4637d3b6
parent 1572537fb1f62112c299fdbe059e9352d2aa1e88
Author: Cosmin Sabou <csabou@mozilla.com>
Date: Thu, 23 Oct 2025 12:43:25 +0300
Revert "Bug 1995715, Bug 1995726 - Sanitizer: Sort the default configuration. r=smaug" for causing wpt crashes.
This reverts commit cbd0a09437ba55ffd2f7c886b819f5a7427050bb.
Revert "Bug 1995715 - Sanitizer: Give elements and attributes their own class. r=smaug"
This reverts commit 4e46dd4854670153f9d574b4a3a179f46d2b7654.
Diffstat:
7 files changed, 800 insertions(+), 849 deletions(-)
diff --git a/dom/security/sanitizer/Sanitizer.cpp b/dom/security/sanitizer/Sanitizer.cpp
@@ -192,7 +192,7 @@ void Sanitizer::SetDefaultConfig() {
// https://wicg.github.io/sanitizer-api/#canonicalize-a-sanitizer-element
template <typename SanitizerElement>
-static CanonicalElement CanonicalizeElement(const SanitizerElement& aElement) {
+static CanonicalName CanonicalizeElement(const SanitizerElement& aElement) {
// return the result of canonicalize a sanitizer name with element and the
// HTML namespace as the default namespace.
@@ -203,7 +203,7 @@ static CanonicalElement CanonicalizeElement(const SanitizerElement& aElement) {
// → defaultNamespace]».
if (aElement.IsString()) {
RefPtr<nsAtom> nameAtom = NS_AtomizeMainThread(aElement.GetAsString());
- return CanonicalElement(nameAtom, nsGkAtoms::nsuri_xhtml);
+ return CanonicalName(nameAtom, nsGkAtoms::nsuri_xhtml);
}
// Step 3. Assert: name is a dictionary and both name["name"] and
@@ -223,12 +223,12 @@ static CanonicalElement CanonicalizeElement(const SanitizerElement& aElement) {
// )
// ]».
RefPtr<nsAtom> nameAtom = NS_AtomizeMainThread(elem.mName);
- return CanonicalElement(nameAtom, namespaceAtom);
+ return CanonicalName(nameAtom, namespaceAtom);
}
// https://wicg.github.io/sanitizer-api/#canonicalize-a-sanitizer-attribute
template <typename SanitizerAttribute>
-static CanonicalAttribute CanonicalizeAttribute(
+static CanonicalName CanonicalizeAttribute(
const SanitizerAttribute& aAttribute) {
// return the result of canonicalize a sanitizer name with attribute and
// null as the default namespace.
@@ -240,7 +240,7 @@ static CanonicalAttribute CanonicalizeAttribute(
// → defaultNamespace]».
if (aAttribute.IsString()) {
RefPtr<nsAtom> nameAtom = NS_AtomizeMainThread(aAttribute.GetAsString());
- return CanonicalAttribute(nameAtom, nullptr);
+ return CanonicalName(nameAtom, nullptr);
}
// Step 3. Assert: name is a dictionary and both name["name"] and
@@ -260,7 +260,7 @@ static CanonicalAttribute CanonicalizeAttribute(
// )
// ]».
RefPtr<nsAtom> nameAtom = NS_AtomizeMainThread(attr.mName);
- return CanonicalAttribute(nameAtom, namespaceAtom);
+ return CanonicalName(nameAtom, namespaceAtom);
}
// https://wicg.github.io/sanitizer-api/#canonicalize-a-sanitizer-element-with-attributes
@@ -284,13 +284,13 @@ static CanonicalElementAttributes CanonicalizeElementAttributes(
// Step 2.1. If element["attributes"] exists:
if (elem.mAttributes.WasPassed()) {
// Step 2.1.1. Let attributes be « ».
- CanonicalAttributeSet attributes;
+ CanonicalNameSet attributes;
// Step 2.1.2. For each attribute of element["attributes"]:
for (const auto& attribute : elem.mAttributes.Value()) {
// Step 2.1.2.1. Append the result of canonicalize a sanitizer attribute
// with attribute to attributes.
- CanonicalAttribute canonicalAttr = CanonicalizeAttribute(attribute);
+ CanonicalName canonicalAttr = CanonicalizeAttribute(attribute);
if (!attributes.EnsureInserted(canonicalAttr)) {
if (aErrorMsg) {
aErrorMsg->Assign(nsFmtCString(
@@ -308,13 +308,13 @@ static CanonicalElementAttributes CanonicalizeElementAttributes(
// Step 2.2. If element["attributes"] exists:
if (elem.mRemoveAttributes.WasPassed()) {
// Step 2.2.1. Let attributes be « ».
- CanonicalAttributeSet attributes;
+ CanonicalNameSet attributes;
// Step 2.2.2. For each attribute of element["removeAttributes"]:
for (const auto& attribute : elem.mRemoveAttributes.Value()) {
// Step 2.2.2.1. Append the result of canonicalize a sanitizer attribute
// with attribute to attributes.
- CanonicalAttribute canonicalAttr = CanonicalizeAttribute(attribute);
+ CanonicalName canonicalAttr = CanonicalizeAttribute(attribute);
if (!attributes.EnsureInserted(canonicalAttr)) {
if (aErrorMsg) {
aErrorMsg->Assign(nsFmtCString(
@@ -335,7 +335,7 @@ static CanonicalElementAttributes CanonicalizeElementAttributes(
// result["removeAttributes"] exist:
if (!result.mAttributes && !result.mRemoveAttributes) {
// Step 3.1. Set result["removeAttributes"] to « ».
- CanonicalAttributeSet set{};
+ CanonicalNameSet set{};
result.mRemoveAttributes = Some(std::move(set));
}
@@ -375,7 +375,7 @@ void Sanitizer::CanonicalizeConfiguration(const SanitizerConfig& aConfig,
for (const auto& element : aConfig.mElements.Value()) {
// Step 3.3.2.1. Append the result of canonicalize a sanitizer element
// with attributes element to elements.
- CanonicalElement elementName = CanonicalizeElement(element);
+ CanonicalName elementName = CanonicalizeElement(element);
if (elements.Contains(elementName)) {
aRv.ThrowTypeError(nsFmtCString(
FMT_STRING("Duplicate element {} in 'elements'."), elementName));
@@ -399,13 +399,13 @@ void Sanitizer::CanonicalizeConfiguration(const SanitizerConfig& aConfig,
// Step 4. If configuration["removeElements"] exists:
if (aConfig.mRemoveElements.WasPassed()) {
// Step 4.1. Let elements be « [] »
- CanonicalElementSet elements;
+ CanonicalNameSet elements;
// Step 4.2. For each element of configuration["removeElements"] do:
for (const auto& element : aConfig.mRemoveElements.Value()) {
// Step 4.2.1. Append the result of canonicalize a sanitizer element
// element to elements.
- CanonicalElement canonical = CanonicalizeElement(element);
+ CanonicalName canonical = CanonicalizeElement(element);
if (!elements.EnsureInserted(canonical)) {
aRv.ThrowTypeError(nsFmtCString(
FMT_STRING("Duplicate element {} in 'removeElements'."),
@@ -421,14 +421,14 @@ void Sanitizer::CanonicalizeConfiguration(const SanitizerConfig& aConfig,
// Step 5. If configuration["replaceWithChildrenElements"] exists:
if (aConfig.mReplaceWithChildrenElements.WasPassed()) {
// Step 5.1. Let elements be « [] »
- CanonicalElementSet elements;
+ CanonicalNameSet elements;
// Step 5.2. For each element of
// configuration["replaceWithChildrenElements"] do:
for (const auto& element : aConfig.mReplaceWithChildrenElements.Value()) {
// Step 5.2.1. Append the result of canonicalize a sanitizer element
// element to elements.
- CanonicalElement canonical = CanonicalizeElement(element);
+ CanonicalName canonical = CanonicalizeElement(element);
if (!elements.EnsureInserted(canonical)) {
aRv.ThrowTypeError(nsFmtCString(
FMT_STRING(
@@ -445,13 +445,13 @@ void Sanitizer::CanonicalizeConfiguration(const SanitizerConfig& aConfig,
// Step 6. If configuration["attributes"] exists:
if (aConfig.mAttributes.WasPassed()) {
// Step 6.1. Let attributes be « [] »
- CanonicalAttributeSet attributes;
+ CanonicalNameSet attributes;
// Step 6.2. For each attribute of configuration["attributes"] do:
for (const auto& attribute : aConfig.mAttributes.Value()) {
// Step 6.2.1. Append the result of canonicalize a sanitizer attribute
// attribute to attributes.
- CanonicalAttribute canonical = CanonicalizeAttribute(attribute);
+ CanonicalName canonical = CanonicalizeAttribute(attribute);
if (!attributes.EnsureInserted(canonical)) {
aRv.ThrowTypeError(nsFmtCString(
FMT_STRING("Duplicate attribute {} in 'attributes'."), canonical));
@@ -466,13 +466,13 @@ void Sanitizer::CanonicalizeConfiguration(const SanitizerConfig& aConfig,
// Step 7. If configuration["removeAttributes"] exists:
if (aConfig.mRemoveAttributes.WasPassed()) {
// Step 7.1. Let attributes be « [] »
- CanonicalAttributeSet attributes;
+ CanonicalNameSet attributes;
// Step 7.2. For each attribute of configuration["removeAttributes"] do:
for (const auto& attribute : aConfig.mRemoveAttributes.Value()) {
// Step 7.2.2. Append the result of canonicalize a sanitizer attribute
// attribute to attributes.
- CanonicalAttribute canonical = CanonicalizeAttribute(attribute);
+ CanonicalName canonical = CanonicalizeAttribute(attribute);
if (!attributes.EnsureInserted(canonical)) {
aRv.ThrowTypeError(nsFmtCString(
FMT_STRING("Duplicate attribute {} in 'removeAttributes'."),
@@ -545,7 +545,7 @@ void Sanitizer::IsValid(ErrorResult& aRv) {
// exist, then the intersection of config[elements] and
// config[replaceWithChildrenElements] is empty.
if (mElements && mReplaceWithChildrenElements) {
- for (const CanonicalElement& name : mElements->Keys()) {
+ for (const CanonicalName& name : mElements->Keys()) {
if (mReplaceWithChildrenElements->Contains(name)) {
aRv.ThrowTypeError(
nsFmtCString(FMT_STRING("Element {} can't be in both 'elements' "
@@ -560,7 +560,7 @@ void Sanitizer::IsValid(ErrorResult& aRv) {
// config[replaceWithChildrenElements] exist, then the intersection of
// config[removeElements] and config[replaceWithChildrenElements] is empty.
if (mRemoveElements && mReplaceWithChildrenElements) {
- for (const CanonicalElement& name : *mRemoveElements) {
+ for (const CanonicalName& name : *mRemoveElements) {
if (mReplaceWithChildrenElements->Contains(name)) {
aRv.ThrowTypeError(nsFmtCString(
FMT_STRING("Element {} can't be in both 'removeElements' and "
@@ -590,7 +590,7 @@ void Sanitizer::IsValid(ErrorResult& aRv) {
// Step 7.1.1.2. The intersection of config[attributes] and
// element[attributes] with default « [] » is empty.
if (elemAttributes.mAttributes) {
- for (const CanonicalAttribute& name : *elemAttributes.mAttributes) {
+ for (const CanonicalName& name : *elemAttributes.mAttributes) {
if (mAttributes->Contains(name)) {
aRv.ThrowTypeError(nsFmtCString(
FMT_STRING(
@@ -605,8 +605,7 @@ void Sanitizer::IsValid(ErrorResult& aRv) {
// Step 7.1.1.3. element[removeAttributes] is a subset of
// config[attributes].
if (elemAttributes.mRemoveAttributes) {
- for (const CanonicalAttribute& name :
- *elemAttributes.mRemoveAttributes) {
+ for (const CanonicalName& name : *elemAttributes.mRemoveAttributes) {
if (!mAttributes->Contains(name)) {
aRv.ThrowTypeError(nsFmtCString(
FMT_STRING(
@@ -626,7 +625,7 @@ void Sanitizer::IsValid(ErrorResult& aRv) {
// TODO: Merge with loop above?
// Step 7.1.1.4.1. element[attributes] does not contain a custom
// data attribute.
- for (const CanonicalAttribute& name : *elemAttributes.mAttributes) {
+ for (const CanonicalName& name : *elemAttributes.mAttributes) {
if (name.IsDataAttribute()) {
aRv.ThrowTypeError(nsFmtCString(
FMT_STRING(
@@ -647,7 +646,7 @@ void Sanitizer::IsValid(ErrorResult& aRv) {
if (*mDataAttributes) {
// Step 7.2.1. config[attributes] does not contain a custom data
// attribute.
- for (const CanonicalAttribute& name : *mAttributes) {
+ for (const CanonicalName& name : *mAttributes) {
if (name.IsDataAttribute()) {
aRv.ThrowTypeError(nsFmtCString(
FMT_STRING("Data attribute {} in the global 'attributes' is "
@@ -687,7 +686,7 @@ void Sanitizer::IsValid(ErrorResult& aRv) {
// Step 8.1.3. The intersection of config[removeAttributes] and
// element[attributes] with default « [] » is empty.
if (elemAttributes.mAttributes) {
- for (const CanonicalAttribute& name : *elemAttributes.mAttributes) {
+ for (const CanonicalName& name : *elemAttributes.mAttributes) {
if (mRemoveAttributes->Contains(name)) {
aRv.ThrowTypeError(nsFmtCString(
FMT_STRING(
@@ -702,8 +701,7 @@ void Sanitizer::IsValid(ErrorResult& aRv) {
// Step 8.1.4. The intersection of config[removeAttributes] and
// element[removeAttributes] with default « [] » is empty.
if (elemAttributes.mRemoveAttributes) {
- for (const CanonicalAttribute& name :
- *elemAttributes.mRemoveAttributes) {
+ for (const CanonicalName& name : *elemAttributes.mRemoveAttributes) {
if (mRemoveAttributes->Contains(name)) {
aRv.ThrowTypeError(nsFmtCString(
FMT_STRING("Attribute {} can't be part of both the "
@@ -775,16 +773,15 @@ void Sanitizer::MaybeMaterializeDefaultConfig() {
CanonicalElementAttributes elementAttributes{};
if (name == aElementWithAttributes[i]) {
- CanonicalAttributeSet attributes;
+ CanonicalNameSet attributes;
while (aElementWithAttributes[++i]) {
- attributes.Insert(
- CanonicalAttribute(aElementWithAttributes[i], nullptr));
+ attributes.Insert(CanonicalName(aElementWithAttributes[i], nullptr));
}
i++;
elementAttributes.mAttributes = Some(std::move(attributes));
}
- CanonicalElement elementName(name, aNamespace);
+ CanonicalName elementName = CanonicalName(name, aNamespace);
elements.InsertOrUpdate(elementName, std::move(elementAttributes));
}
};
@@ -796,9 +793,9 @@ void Sanitizer::MaybeMaterializeDefaultConfig() {
kSVGElementWithAttributes);
mElements = Some(std::move(elements));
- CanonicalAttributeSet attributes;
+ CanonicalNameSet attributes;
for (nsStaticAtom* name : kDefaultAttributes) {
- attributes.Insert(CanonicalAttribute(name, nullptr));
+ attributes.Insert(CanonicalName(name, nullptr));
}
mAttributes = Some(std::move(attributes));
@@ -838,7 +835,7 @@ void Sanitizer::Get(SanitizerConfig& aConfig) {
// order config["removeElements"], with elementA being less than item
// elementB.
nsTArray<OwningStringOrSanitizerElementNamespace> removeElements;
- for (const CanonicalElement& canonical : *mRemoveElements) {
+ for (const CanonicalName& canonical : *mRemoveElements) {
OwningStringOrSanitizerElementNamespace owning;
owning.SetAsSanitizerElementNamespace() =
canonical.ToSanitizerElementNamespace();
@@ -855,7 +852,7 @@ void Sanitizer::Get(SanitizerConfig& aConfig) {
// being less than item elementB.
nsTArray<OwningStringOrSanitizerElementNamespace>
replaceWithChildrenElements;
- for (const CanonicalElement& canonical : *mReplaceWithChildrenElements) {
+ for (const CanonicalName& canonical : *mReplaceWithChildrenElements) {
OwningStringOrSanitizerElementNamespace owning;
owning.SetAsSanitizerElementNamespace() =
canonical.ToSanitizerElementNamespace();
@@ -897,7 +894,7 @@ bool Sanitizer::AllowElement(
// Step 1. Set element to the result of canonicalize a sanitizer element
// with attributes with element.
- CanonicalElement elementName = CanonicalizeElement(aElement);
+ CanonicalName elementName = CanonicalizeElement(aElement);
// NOTE: Duplicate attributes are removed/ignored.
CanonicalElementAttributes elementAttributes =
CanonicalizeElementAttributes(aElement);
@@ -918,8 +915,8 @@ bool Sanitizer::AllowElement(
if (mAttributes) {
// Step 2.3.1. If element["attributes"] exists:
if (elementAttributes.mAttributes) {
- CanonicalAttributeSet attributes;
- for (const CanonicalAttribute& attr : *elementAttributes.mAttributes) {
+ CanonicalNameSet attributes;
+ for (const CanonicalName& attr : *elementAttributes.mAttributes) {
// Step 2.3.1.1. Set element["attributes"] to remove duplicates from
// element["attributes"].
MOZ_ASSERT(!attributes.Contains(attr));
@@ -948,9 +945,8 @@ bool Sanitizer::AllowElement(
// Step 2.3.2. If element["removeAttributes"] exists:
if (elementAttributes.mRemoveAttributes) {
- CanonicalAttributeSet removeAttributes;
- for (const CanonicalAttribute& attr :
- *elementAttributes.mRemoveAttributes) {
+ CanonicalNameSet removeAttributes;
+ for (const CanonicalName& attr : *elementAttributes.mRemoveAttributes) {
// Step 2.3.2.1. Set element["removeAttributes"] to remove duplicates
// from element["removeAttributes"].
//
@@ -972,8 +968,8 @@ bool Sanitizer::AllowElement(
// Step 2.4.1. If element["attributes"] exists:
if (elementAttributes.mAttributes) {
- CanonicalAttributeSet attributes;
- for (const CanonicalAttribute& attr : *elementAttributes.mAttributes) {
+ CanonicalNameSet attributes;
+ for (const CanonicalName& attr : *elementAttributes.mAttributes) {
// Step 2.4.1.1. Set element["attributes"] to remove duplicates from
// element["attributes"].
//
@@ -1004,9 +1000,8 @@ bool Sanitizer::AllowElement(
// Step 2.4.2. If element["removeAttributes"] exists:
if (elementAttributes.mRemoveAttributes) {
- CanonicalAttributeSet removeAttributes;
- for (const CanonicalAttribute& attr :
- *elementAttributes.mRemoveAttributes) {
+ CanonicalNameSet removeAttributes;
+ for (const CanonicalName& attr : *elementAttributes.mRemoveAttributes) {
// Step 2.4.2.1. Set element["removeAttributes"] to remove duplicates
// from element["removeAttributes"].
MOZ_ASSERT(!removeAttributes.Contains(attr));
@@ -1104,12 +1099,12 @@ bool Sanitizer::RemoveElement(
// Step 1. Set element to the result of canonicalize a sanitizer element
// with element.
- CanonicalElement element = CanonicalizeElement(aElement);
+ CanonicalName element = CanonicalizeElement(aElement);
return RemoveElementCanonical(std::move(element));
}
-bool Sanitizer::RemoveElementCanonical(CanonicalElement&& aElement) {
+bool Sanitizer::RemoveElementCanonical(CanonicalName&& aElement) {
// Step 2. Set modified to the result of remove element from
// configuration["replaceWithChildrenElements"].
bool modified = mReplaceWithChildrenElements
@@ -1164,7 +1159,7 @@ bool Sanitizer::ReplaceElementWithChildren(
// Step 1. Set element to the result of canonicalize a sanitizer element
// with element.
- CanonicalElement element = CanonicalizeElement(aElement);
+ CanonicalName element = CanonicalizeElement(aElement);
// Step 2. If configuration["replaceWithChildrenElements"] contains element:
if (mReplaceWithChildrenElements &&
@@ -1198,7 +1193,7 @@ bool Sanitizer::AllowAttribute(
// Step 1. Set attribute to the result of canonicalize a sanitizer attribute
// with attribute.
- CanonicalAttribute attribute = CanonicalizeAttribute(aAttribute);
+ CanonicalName attribute = CanonicalizeAttribute(aAttribute);
// Step 2. If configuration["attributes"] exists:
if (mAttributes) {
@@ -1276,12 +1271,12 @@ bool Sanitizer::RemoveAttribute(
// Step 1. Set attribute to the result of canonicalize a sanitizer attribute
// with attribute.
- CanonicalAttribute attribute = CanonicalizeAttribute(aAttribute);
+ CanonicalName attribute = CanonicalizeAttribute(aAttribute);
return RemoveAttributeCanonical(std::move(attribute));
}
-bool Sanitizer::RemoveAttributeCanonical(CanonicalAttribute&& aAttribute) {
+bool Sanitizer::RemoveAttributeCanonical(CanonicalName&& aAttribute) {
// Step 2. If configuration["attributes"] exists:
if (mAttributes) {
// Step 2.1. Comment: If we have a global allow-list, we need to add
@@ -1402,7 +1397,7 @@ bool Sanitizer::SetDataAttributes(bool aAllow) {
// Step 3.1. Remove any items attr from configuration["attributes"] where
// attr is a custom data attribute.
- mAttributes->RemoveIf([](const CanonicalAttribute& aAttribute) {
+ mAttributes->RemoveIf([](const CanonicalName& aAttribute) {
return aAttribute.IsDataAttribute();
});
@@ -1416,7 +1411,7 @@ bool Sanitizer::SetDataAttributes(bool aAllow) {
// Step 3.2.1.1.1. Remove any items attr from element[attributes]
// where attr is a custom data attribute.
elemAttributes.mAttributes->RemoveIf(
- [](const CanonicalAttribute& aAttribute) {
+ [](const CanonicalName& aAttribute) {
return aAttribute.IsDataAttribute();
});
}
@@ -1434,11 +1429,11 @@ bool Sanitizer::SetDataAttributes(bool aAllow) {
// https://wicg.github.io/sanitizer-api/#built-in-safe-baseline-configuration
// The built-in safe baseline configuration
#define FOR_EACH_BASELINE_REMOVE_ELEMENT(ELEMENT) \
- ELEMENT(XHTML, xhtml, embed) \
+ ELEMENT(XHTML, xhtml, script) \
ELEMENT(XHTML, xhtml, frame) \
ELEMENT(XHTML, xhtml, iframe) \
ELEMENT(XHTML, xhtml, object) \
- ELEMENT(XHTML, xhtml, script) \
+ ELEMENT(XHTML, xhtml, embed) \
ELEMENT(SVG, svg, script) \
ELEMENT(SVG, svg, use)
@@ -1455,12 +1450,12 @@ bool Sanitizer::RemoveUnsafe() {
// Step 3. For each element in built-in safe baseline
// configuration[removeElements]:
-#define ELEMENT(_, NSURI, LOCAL_NAME) \
- /* Step 3.1. Call remove an element element from configuration. */ \
- if (RemoveElementCanonical(CanonicalElement(nsGkAtoms::LOCAL_NAME, \
- nsGkAtoms::nsuri_##NSURI))) { \
- /* Step 3.2. If the call returned true, set result to true. */ \
- result = true; \
+#define ELEMENT(_, NSURI, LOCAL_NAME) \
+ /* Step 3.1. Call remove an element element from configuration. */ \
+ if (RemoveElementCanonical( \
+ CanonicalName(nsGkAtoms::LOCAL_NAME, nsGkAtoms::nsuri_##NSURI))) { \
+ /* Step 3.2. If the call returned true, set result to true. */ \
+ result = true; \
}
FOR_EACH_BASELINE_REMOVE_ELEMENT(ELEMENT)
@@ -1477,8 +1472,7 @@ bool Sanitizer::RemoveUnsafe() {
EventNameType_All & ~EventNameType_XUL,
[self = MOZ_KnownLive(this), &result](nsAtom* aName) {
// Step 5.1. Call remove an attribute attribute from configuration.
- if (self->RemoveAttributeCanonical(
- CanonicalAttribute(aName, nullptr))) {
+ if (self->RemoveAttributeCanonical(CanonicalName(aName, nullptr))) {
// Step 5.2. If the call returned true, set result to true.
result = true;
}
@@ -1581,7 +1575,7 @@ void Sanitizer::SanitizeChildren(nsINode* aNode, bool aSafe) {
nsAtom* nameAtom = child->NodeInfo()->NameAtom();
int32_t namespaceID = child->NodeInfo()->NamespaceID();
// Make sure this is optimized away when using the default config.
- Maybe<CanonicalElement> elementName;
+ Maybe<CanonicalName> elementName;
// This is only used for the default config case.
[[maybe_unused]] StaticAtomSet* elementAttributes = nullptr;
if constexpr (!IsDefaultConfig) {
@@ -1796,7 +1790,7 @@ static bool RemoveJavascriptNavigationURLAttribute(Element* aElement,
}
void Sanitizer::SanitizeAttributes(Element* aChild,
- const CanonicalElement& aElementName,
+ const CanonicalName& aElementName,
bool aSafe) {
MOZ_ASSERT(!mIsDefaultConfig);
@@ -1819,7 +1813,7 @@ void Sanitizer::SanitizeAttributes(Element* aChild,
const nsAttrName* attr = aChild->GetAttrNameAt(i);
RefPtr<nsAtom> attrLocalName = attr->LocalName();
int32_t attrNs = attr->NamespaceID();
- CanonicalAttribute attrName(attrLocalName, ToNamespace(attrNs));
+ CanonicalName attrName(attrLocalName, ToNamespace(attrNs));
bool remove = false;
// Optimization: Remove unsafe event handler content attributes.
diff --git a/dom/security/sanitizer/Sanitizer.h b/dom/security/sanitizer/Sanitizer.h
@@ -87,13 +87,13 @@ class Sanitizer final : public nsISupports, public nsWrapperCache {
void MaybeMaterializeDefaultConfig();
- bool RemoveElementCanonical(sanitizer::CanonicalElement&& aElement);
- bool RemoveAttributeCanonical(sanitizer::CanonicalAttribute&& aAttribute);
+ bool RemoveElementCanonical(sanitizer::CanonicalName&& aElement);
+ bool RemoveAttributeCanonical(sanitizer::CanonicalName&& aAttribute);
template <bool IsDefaultConfig>
void SanitizeChildren(nsINode* aNode, bool aSafe);
void SanitizeAttributes(Element* aChild,
- const sanitizer::CanonicalElement& aElementName,
+ const sanitizer::CanonicalName& aElementName,
bool aSafe);
void SanitizeDefaultConfigAttributes(Element* aChild,
StaticAtomSet* aElementAttributes,
@@ -131,11 +131,11 @@ class Sanitizer final : public nsISupports, public nsWrapperCache {
RefPtr<nsIGlobalObject> mGlobal;
Maybe<sanitizer::CanonicalElementMap> mElements;
- Maybe<sanitizer::CanonicalElementSet> mRemoveElements;
- Maybe<sanitizer::CanonicalElementSet> mReplaceWithChildrenElements;
+ Maybe<sanitizer::CanonicalNameSet> mRemoveElements;
+ Maybe<sanitizer::CanonicalNameSet> mReplaceWithChildrenElements;
- Maybe<sanitizer::CanonicalAttributeSet> mAttributes;
- Maybe<sanitizer::CanonicalAttributeSet> mRemoveAttributes;
+ Maybe<sanitizer::CanonicalNameSet> mAttributes;
+ Maybe<sanitizer::CanonicalNameSet> mRemoveAttributes;
bool mComments = false;
// mDataAttributes always exists when mAttributes exists after
diff --git a/dom/security/sanitizer/SanitizerDefaultConfig.h b/dom/security/sanitizer/SanitizerDefaultConfig.h
@@ -15,81 +15,81 @@ namespace mozilla::dom::sanitizer {
constexpr nsStaticAtom* kDefaultHTMLElements[] = {
// clang-format off
- nsGkAtoms::a,
- nsGkAtoms::abbr,
- nsGkAtoms::address,
+ nsGkAtoms::html,
+ nsGkAtoms::head,
+ nsGkAtoms::title,
+ nsGkAtoms::body,
nsGkAtoms::article,
+ nsGkAtoms::section,
+ nsGkAtoms::nav,
nsGkAtoms::aside,
- nsGkAtoms::b,
- nsGkAtoms::bdi,
- nsGkAtoms::bdo,
- nsGkAtoms::blockquote,
- nsGkAtoms::body,
- nsGkAtoms::br,
- nsGkAtoms::caption,
- nsGkAtoms::cite,
- nsGkAtoms::code,
- nsGkAtoms::col,
- nsGkAtoms::colgroup,
- nsGkAtoms::data,
- nsGkAtoms::dd,
- nsGkAtoms::del,
- nsGkAtoms::dfn,
- nsGkAtoms::div,
- nsGkAtoms::dl,
- nsGkAtoms::dt,
- nsGkAtoms::em,
- nsGkAtoms::figcaption,
- nsGkAtoms::figure,
- nsGkAtoms::footer,
nsGkAtoms::h1,
nsGkAtoms::h2,
nsGkAtoms::h3,
nsGkAtoms::h4,
nsGkAtoms::h5,
nsGkAtoms::h6,
- nsGkAtoms::head,
- nsGkAtoms::header,
nsGkAtoms::hgroup,
+ nsGkAtoms::header,
+ nsGkAtoms::footer,
+ nsGkAtoms::address,
+ nsGkAtoms::p,
nsGkAtoms::hr,
- nsGkAtoms::html,
- nsGkAtoms::i,
- nsGkAtoms::ins,
- nsGkAtoms::kbd,
+ nsGkAtoms::pre,
+ nsGkAtoms::blockquote,
+ nsGkAtoms::ol,
+ nsGkAtoms::ul,
+ nsGkAtoms::menu,
nsGkAtoms::li,
+ nsGkAtoms::dl,
+ nsGkAtoms::dt,
+ nsGkAtoms::dd,
+ nsGkAtoms::figure,
+ nsGkAtoms::figcaption,
nsGkAtoms::main,
- nsGkAtoms::mark,
- nsGkAtoms::menu,
- nsGkAtoms::nav,
- nsGkAtoms::ol,
- nsGkAtoms::p,
- nsGkAtoms::pre,
+ nsGkAtoms::search,
+ nsGkAtoms::div,
+ nsGkAtoms::a,
+ nsGkAtoms::em,
+ nsGkAtoms::strong,
+ nsGkAtoms::small,
+ nsGkAtoms::s,
+ nsGkAtoms::cite,
nsGkAtoms::q,
- nsGkAtoms::rp,
- nsGkAtoms::rt,
+ nsGkAtoms::dfn,
+ nsGkAtoms::abbr,
nsGkAtoms::ruby,
- nsGkAtoms::s,
+ nsGkAtoms::rt,
+ nsGkAtoms::rp,
+ nsGkAtoms::data,
+ nsGkAtoms::time,
+ nsGkAtoms::code,
+ nsGkAtoms::var,
nsGkAtoms::samp,
- nsGkAtoms::search,
- nsGkAtoms::section,
- nsGkAtoms::small,
- nsGkAtoms::span,
- nsGkAtoms::strong,
+ nsGkAtoms::kbd,
nsGkAtoms::sub,
nsGkAtoms::sup,
+ nsGkAtoms::i,
+ nsGkAtoms::b,
+ nsGkAtoms::u,
+ nsGkAtoms::mark,
+ nsGkAtoms::bdi,
+ nsGkAtoms::bdo,
+ nsGkAtoms::span,
+ nsGkAtoms::br,
+ nsGkAtoms::wbr,
+ nsGkAtoms::ins,
+ nsGkAtoms::del,
nsGkAtoms::table,
+ nsGkAtoms::caption,
+ nsGkAtoms::colgroup,
+ nsGkAtoms::col,
nsGkAtoms::tbody,
- nsGkAtoms::td,
- nsGkAtoms::tfoot,
- nsGkAtoms::th,
nsGkAtoms::thead,
- nsGkAtoms::time,
- nsGkAtoms::title,
+ nsGkAtoms::tfoot,
nsGkAtoms::tr,
- nsGkAtoms::u,
- nsGkAtoms::ul,
- nsGkAtoms::var,
- nsGkAtoms::wbr,
+ nsGkAtoms::td,
+ nsGkAtoms::th,
// clang-format on
};
@@ -127,29 +127,39 @@ constexpr nsStaticAtom* kDefaultMathMLElements[] = {
constexpr nsStaticAtom* kDefaultSVGElements[] = {
// clang-format off
- nsGkAtoms::circle,
+ nsGkAtoms::svg,
+ nsGkAtoms::g,
nsGkAtoms::defs,
+ nsGkAtoms::title,
nsGkAtoms::desc,
- nsGkAtoms::ellipse,
- nsGkAtoms::foreignObject,
- nsGkAtoms::g,
- nsGkAtoms::line,
- nsGkAtoms::marker,
nsGkAtoms::metadata,
nsGkAtoms::path,
- nsGkAtoms::polygon,
- nsGkAtoms::polyline,
nsGkAtoms::rect,
- nsGkAtoms::svg,
+ nsGkAtoms::circle,
+ nsGkAtoms::ellipse,
+ nsGkAtoms::line,
+ nsGkAtoms::polyline,
+ nsGkAtoms::polygon,
nsGkAtoms::text,
- nsGkAtoms::textPath,
- nsGkAtoms::title,
nsGkAtoms::tspan,
+ nsGkAtoms::textPath,
+ nsGkAtoms::foreignObject,
+ nsGkAtoms::marker,
// clang-format on
};
constexpr nsStaticAtom* kDefaultAttributes[] = {
// clang-format off
+ nsGkAtoms::dir,
+ nsGkAtoms::lang,
+ nsGkAtoms::title,
+ nsGkAtoms::displaystyle,
+ nsGkAtoms::mathbackground,
+ nsGkAtoms::mathcolor,
+ nsGkAtoms::mathsize,
+ nsGkAtoms::scriptlevel,
+ nsGkAtoms::fill,
+ nsGkAtoms::transform,
nsGkAtoms::alignment_baseline,
nsGkAtoms::baseline_shift,
nsGkAtoms::clip_path,
@@ -157,12 +167,9 @@ constexpr nsStaticAtom* kDefaultAttributes[] = {
nsGkAtoms::color,
nsGkAtoms::color_interpolation,
nsGkAtoms::cursor,
- nsGkAtoms::dir,
nsGkAtoms::direction,
nsGkAtoms::display,
- nsGkAtoms::displaystyle,
nsGkAtoms::dominant_baseline,
- nsGkAtoms::fill,
nsGkAtoms::fill_opacity,
nsGkAtoms::fill_rule,
nsGkAtoms::font_family,
@@ -172,18 +179,13 @@ constexpr nsStaticAtom* kDefaultAttributes[] = {
nsGkAtoms::font_style,
nsGkAtoms::font_variant,
nsGkAtoms::font_weight,
- nsGkAtoms::lang,
nsGkAtoms::letter_spacing,
nsGkAtoms::marker_end,
nsGkAtoms::marker_mid,
nsGkAtoms::marker_start,
- nsGkAtoms::mathbackground,
- nsGkAtoms::mathcolor,
- nsGkAtoms::mathsize,
nsGkAtoms::opacity,
nsGkAtoms::paint_order,
nsGkAtoms::pointer_events,
- nsGkAtoms::scriptlevel,
nsGkAtoms::shape_rendering,
nsGkAtoms::stop_color,
nsGkAtoms::stop_opacity,
@@ -199,8 +201,6 @@ constexpr nsStaticAtom* kDefaultAttributes[] = {
nsGkAtoms::text_decoration,
nsGkAtoms::text_overflow,
nsGkAtoms::text_rendering,
- nsGkAtoms::title,
- nsGkAtoms::transform,
nsGkAtoms::transform_origin,
nsGkAtoms::unicode_bidi,
nsGkAtoms::vector_effect,
@@ -214,54 +214,54 @@ constexpr nsStaticAtom* kDefaultAttributes[] = {
// Data is encoded as: element, attributes..., nullptr
constexpr nsStaticAtom* kHTMLElementWithAttributes[] = {
// clang-format off
- /* element */ nsGkAtoms::a,
- nsGkAtoms::href,
- nsGkAtoms::hreflang,
- nsGkAtoms::rel,
- nsGkAtoms::type,
- nullptr,
/* element */ nsGkAtoms::blockquote,
nsGkAtoms::cite,
nullptr,
- /* element */ nsGkAtoms::col,
- nsGkAtoms::span,
+ /* element */ nsGkAtoms::ol,
+ nsGkAtoms::reversed,
+ nsGkAtoms::start,
+ nsGkAtoms::type,
nullptr,
- /* element */ nsGkAtoms::colgroup,
- nsGkAtoms::span,
+ /* element */ nsGkAtoms::li,
+ nsGkAtoms::value,
+ nullptr,
+ /* element */ nsGkAtoms::a,
+ nsGkAtoms::href,
+ nsGkAtoms::rel,
+ nsGkAtoms::hreflang,
+ nsGkAtoms::type,
nullptr,
/* element */ nsGkAtoms::data,
nsGkAtoms::value,
nullptr,
- /* element */ nsGkAtoms::del,
- nsGkAtoms::cite,
+ /* element */ nsGkAtoms::time,
nsGkAtoms::datetime,
nullptr,
/* element */ nsGkAtoms::ins,
nsGkAtoms::cite,
nsGkAtoms::datetime,
nullptr,
- /* element */ nsGkAtoms::li,
- nsGkAtoms::value,
+ /* element */ nsGkAtoms::del,
+ nsGkAtoms::cite,
+ nsGkAtoms::datetime,
nullptr,
- /* element */ nsGkAtoms::ol,
- nsGkAtoms::reversed,
- nsGkAtoms::start,
- nsGkAtoms::type,
+ /* element */ nsGkAtoms::colgroup,
+ nsGkAtoms::span,
+ nullptr,
+ /* element */ nsGkAtoms::col,
+ nsGkAtoms::span,
nullptr,
/* element */ nsGkAtoms::td,
nsGkAtoms::colspan,
- nsGkAtoms::headers,
nsGkAtoms::rowspan,
+ nsGkAtoms::headers,
nullptr,
/* element */ nsGkAtoms::th,
- nsGkAtoms::abbr,
nsGkAtoms::colspan,
- nsGkAtoms::headers,
nsGkAtoms::rowspan,
+ nsGkAtoms::headers,
nsGkAtoms::scope,
- nullptr,
- /* element */ nsGkAtoms::time,
- nsGkAtoms::datetime,
+ nsGkAtoms::abbr,
nullptr,
/* sentinel */ nullptr,
// clang-format on
@@ -270,32 +270,32 @@ constexpr nsStaticAtom* kHTMLElementWithAttributes[] = {
constexpr nsStaticAtom* kMathMLElementWithAttributes[] = {
// clang-format off
/* element */ nsGkAtoms::mo,
- nsGkAtoms::fence,
nsGkAtoms::form,
- nsGkAtoms::largeop,
+ nsGkAtoms::fence,
+ nsGkAtoms::separator,
nsGkAtoms::lspace,
- nsGkAtoms::maxsize,
- nsGkAtoms::minsize,
- nsGkAtoms::movablelimits,
nsGkAtoms::rspace,
- nsGkAtoms::separator,
nsGkAtoms::stretchy,
nsGkAtoms::symmetric,
+ nsGkAtoms::maxsize,
+ nsGkAtoms::minsize,
+ nsGkAtoms::largeop,
+ nsGkAtoms::movablelimits,
nullptr,
/* element */ nsGkAtoms::mover,
nsGkAtoms::accent,
nullptr,
/* element */ nsGkAtoms::mpadded,
- nsGkAtoms::depth,
+ nsGkAtoms::width,
nsGkAtoms::height,
+ nsGkAtoms::depth,
nsGkAtoms::lspace,
nsGkAtoms::voffset,
- nsGkAtoms::width,
nullptr,
/* element */ nsGkAtoms::mspace,
- nsGkAtoms::depth,
- nsGkAtoms::height,
nsGkAtoms::width,
+ nsGkAtoms::height,
+ nsGkAtoms::depth,
nullptr,
/* element */ nsGkAtoms::mtd,
nsGkAtoms::columnspan,
@@ -314,97 +314,97 @@ constexpr nsStaticAtom* kMathMLElementWithAttributes[] = {
constexpr nsStaticAtom* kSVGElementWithAttributes[] = {
// clang-format off
+ /* element */ nsGkAtoms::svg,
+ nsGkAtoms::viewBox,
+ nsGkAtoms::preserveAspectRatio,
+ nsGkAtoms::height,
+ nsGkAtoms::width,
+ nsGkAtoms::x,
+ nsGkAtoms::y,
+ nullptr,
+ /* element */ nsGkAtoms::path,
+ nsGkAtoms::pathLength,
+ nsGkAtoms::d,
+ nullptr,
+ /* element */ nsGkAtoms::rect,
+ nsGkAtoms::pathLength,
+ nsGkAtoms::x,
+ nsGkAtoms::y,
+ nsGkAtoms::width,
+ nsGkAtoms::height,
+ nsGkAtoms::rx,
+ nsGkAtoms::ry,
+ nullptr,
/* element */ nsGkAtoms::circle,
+ nsGkAtoms::pathLength,
nsGkAtoms::cx,
nsGkAtoms::cy,
- nsGkAtoms::pathLength,
nsGkAtoms::r,
nullptr,
/* element */ nsGkAtoms::ellipse,
+ nsGkAtoms::pathLength,
nsGkAtoms::cx,
nsGkAtoms::cy,
- nsGkAtoms::pathLength,
nsGkAtoms::rx,
nsGkAtoms::ry,
nullptr,
- /* element */ nsGkAtoms::foreignObject,
- nsGkAtoms::height,
- nsGkAtoms::width,
- nsGkAtoms::x,
- nsGkAtoms::y,
- nullptr,
/* element */ nsGkAtoms::line,
nsGkAtoms::pathLength,
nsGkAtoms::x1,
- nsGkAtoms::x2,
nsGkAtoms::y1,
+ nsGkAtoms::x2,
nsGkAtoms::y2,
nullptr,
- /* element */ nsGkAtoms::marker,
- nsGkAtoms::markerHeight,
- nsGkAtoms::markerUnits,
- nsGkAtoms::markerWidth,
- nsGkAtoms::orient,
- nsGkAtoms::preserveAspectRatio,
- nsGkAtoms::refX,
- nsGkAtoms::refY,
- nsGkAtoms::viewBox,
- nullptr,
- /* element */ nsGkAtoms::path,
- nsGkAtoms::d,
- nsGkAtoms::pathLength,
- nullptr,
- /* element */ nsGkAtoms::polygon,
+ /* element */ nsGkAtoms::polyline,
nsGkAtoms::pathLength,
nsGkAtoms::points,
nullptr,
- /* element */ nsGkAtoms::polyline,
+ /* element */ nsGkAtoms::polygon,
nsGkAtoms::pathLength,
nsGkAtoms::points,
nullptr,
- /* element */ nsGkAtoms::rect,
- nsGkAtoms::height,
- nsGkAtoms::pathLength,
- nsGkAtoms::rx,
- nsGkAtoms::ry,
- nsGkAtoms::width,
+ /* element */ nsGkAtoms::text,
+ nsGkAtoms::lengthAdjust,
nsGkAtoms::x,
nsGkAtoms::y,
+ nsGkAtoms::dx,
+ nsGkAtoms::dy,
+ nsGkAtoms::rotate,
+ nsGkAtoms::textLength,
nullptr,
- /* element */ nsGkAtoms::svg,
- nsGkAtoms::height,
- nsGkAtoms::preserveAspectRatio,
- nsGkAtoms::viewBox,
- nsGkAtoms::width,
+ /* element */ nsGkAtoms::tspan,
+ nsGkAtoms::lengthAdjust,
nsGkAtoms::x,
nsGkAtoms::y,
- nullptr,
- /* element */ nsGkAtoms::text,
nsGkAtoms::dx,
nsGkAtoms::dy,
- nsGkAtoms::lengthAdjust,
nsGkAtoms::rotate,
nsGkAtoms::textLength,
- nsGkAtoms::x,
- nsGkAtoms::y,
nullptr,
/* element */ nsGkAtoms::textPath,
nsGkAtoms::lengthAdjust,
- nsGkAtoms::method,
+ nsGkAtoms::textLength,
nsGkAtoms::path,
- nsGkAtoms::side,
- nsGkAtoms::spacing,
nsGkAtoms::startOffset,
- nsGkAtoms::textLength,
+ nsGkAtoms::method,
+ nsGkAtoms::spacing,
+ nsGkAtoms::side,
nullptr,
- /* element */ nsGkAtoms::tspan,
- nsGkAtoms::dx,
- nsGkAtoms::dy,
- nsGkAtoms::lengthAdjust,
- nsGkAtoms::rotate,
- nsGkAtoms::textLength,
+ /* element */ nsGkAtoms::foreignObject,
nsGkAtoms::x,
nsGkAtoms::y,
+ nsGkAtoms::width,
+ nsGkAtoms::height,
+ nullptr,
+ /* element */ nsGkAtoms::marker,
+ nsGkAtoms::viewBox,
+ nsGkAtoms::preserveAspectRatio,
+ nsGkAtoms::refX,
+ nsGkAtoms::refY,
+ nsGkAtoms::markerUnits,
+ nsGkAtoms::markerWidth,
+ nsGkAtoms::markerHeight,
+ nsGkAtoms::orient,
nullptr,
/* sentinel */ nullptr,
// clang-format on
diff --git a/dom/security/sanitizer/SanitizerTypes.cpp b/dom/security/sanitizer/SanitizerTypes.cpp
@@ -6,6 +6,11 @@
namespace mozilla::dom::sanitizer {
+bool CanonicalName::IsDataAttribute() const {
+ return StringBeginsWith(nsDependentAtomString(mLocalName), u"data-"_ns) &&
+ !mNamespace;
+}
+
template <typename SanitizerName>
void CanonicalName::SetSanitizerName(SanitizerName& aSanitizerName) const {
mLocalName->ToString(aSanitizerName.mName);
@@ -16,27 +21,21 @@ void CanonicalName::SetSanitizerName(SanitizerName& aSanitizerName) const {
}
}
-bool CanonicalAttribute::IsDataAttribute() const {
- return StringBeginsWith(nsDependentAtomString(mLocalName), u"data-"_ns) &&
- !mNamespace;
-}
-
-SanitizerAttributeNamespace CanonicalAttribute::ToSanitizerAttributeNamespace()
+SanitizerAttributeNamespace CanonicalName::ToSanitizerAttributeNamespace()
const {
SanitizerAttributeNamespace result;
SetSanitizerName(result);
return result;
}
-SanitizerElementNamespace CanonicalElement::ToSanitizerElementNamespace()
- const {
+SanitizerElementNamespace CanonicalName::ToSanitizerElementNamespace() const {
SanitizerElementNamespace result;
SetSanitizerName(result);
return result;
}
SanitizerElementNamespaceWithAttributes
-CanonicalElement::ToSanitizerElementNamespaceWithAttributes(
+CanonicalName::ToSanitizerElementNamespaceWithAttributes(
const CanonicalElementAttributes& aElementAttributes) const {
SanitizerElementNamespaceWithAttributes result;
SetSanitizerName(result);
@@ -75,7 +74,7 @@ bool CanonicalElementAttributes::Equals(
return false;
}
- for (const CanonicalAttribute& attr : *mAttributes) {
+ for (const CanonicalName& attr : *mAttributes) {
if (!aOther.mAttributes->Contains(attr)) {
return false;
}
@@ -87,7 +86,7 @@ bool CanonicalElementAttributes::Equals(
return false;
}
- for (const CanonicalAttribute& attr : *mRemoveAttributes) {
+ for (const CanonicalName& attr : *mRemoveAttributes) {
if (!aOther.mRemoveAttributes->Contains(attr)) {
return false;
}
@@ -98,9 +97,9 @@ bool CanonicalElementAttributes::Equals(
}
nsTArray<OwningStringOrSanitizerAttributeNamespace> ToSanitizerAttributes(
- const CanonicalAttributeSet& aSet) {
+ const CanonicalNameSet& aSet) {
nsTArray<OwningStringOrSanitizerAttributeNamespace> attributes;
- for (const CanonicalAttribute& canonical : aSet) {
+ for (const CanonicalName& canonical : aSet) {
OwningStringOrSanitizerAttributeNamespace owning;
owning.SetAsSanitizerAttributeNamespace() =
canonical.ToSanitizerAttributeNamespace();
diff --git a/dom/security/sanitizer/SanitizerTypes.h b/dom/security/sanitizer/SanitizerTypes.h
@@ -15,50 +15,26 @@ namespace mozilla::dom::sanitizer {
struct CanonicalElementAttributes;
-class CanonicalName {
- protected:
- explicit CanonicalName(const CanonicalName* aKey)
+// The name of an element/attribute combined with its namespace.
+class CanonicalName : public PLDHashEntryHdr {
+ public:
+ using KeyType = const CanonicalName&;
+ using KeyTypePointer = const CanonicalName*;
+
+ explicit CanonicalName(KeyTypePointer aKey)
: mLocalName(aKey->mLocalName), mNamespace(aKey->mNamespace) {}
+ CanonicalName(CanonicalName&&) = default;
CanonicalName(RefPtr<nsAtom> aLocalName, RefPtr<nsAtom> aNamespace)
: mLocalName(std::move(aLocalName)), mNamespace(std::move(aNamespace)) {}
CanonicalName(nsStaticAtom* aLocalName, nsStaticAtom* aNamespace)
: mLocalName(aLocalName), mNamespace(aNamespace) {}
+ ~CanonicalName() = default;
- bool KeyEquals(const CanonicalName* aKey) const {
+ KeyType GetKey() const { return *this; }
+ bool KeyEquals(KeyTypePointer aKey) const {
return mLocalName == aKey->mLocalName && mNamespace == aKey->mNamespace;
}
- friend std::ostream& operator<<(std::ostream& aStream,
- const CanonicalName& aName);
-
- template <typename SanitizerName>
- void SetSanitizerName(SanitizerName& aName) const;
-
- RefPtr<nsAtom> mLocalName;
- // A "null" namespace is represented by the nullptr.
- RefPtr<nsAtom> mNamespace;
-};
-
-template <typename Derived>
-std::ostream& operator<<(std::ostream& aStream, const CanonicalName& aName);
-
-class CanonicalAttribute : public CanonicalName, public PLDHashEntryHdr {
- public:
- using KeyType = const CanonicalAttribute&;
- using KeyTypePointer = const CanonicalAttribute*;
-
- explicit CanonicalAttribute(KeyTypePointer aAttribute)
- : CanonicalName(aAttribute) {}
- CanonicalAttribute(CanonicalAttribute&&) = default;
- CanonicalAttribute(RefPtr<nsAtom> aLocalName, RefPtr<nsAtom> aNamespace)
- : CanonicalName(aLocalName, aNamespace) {}
- CanonicalAttribute(nsStaticAtom* aLocalName, nsStaticAtom* aNamespace)
- : CanonicalName(aLocalName, aNamespace) {}
- ~CanonicalAttribute() = default;
-
- KeyType GetKey() const { return *this; }
- using CanonicalName::KeyEquals;
-
static KeyTypePointer KeyToPointer(KeyType aKey) { return &aKey; }
static PLDHashNumber HashKey(KeyTypePointer aKey) {
return mozilla::HashGeneric(aKey->mLocalName.get(), aKey->mNamespace.get());
@@ -66,60 +42,46 @@ class CanonicalAttribute : public CanonicalName, public PLDHashEntryHdr {
enum { ALLOW_MEMMOVE = true };
+ // Caution: Only use this for attribute names, not elements!
// Returns true for names that start with data-* and have a null namespace.
bool IsDataAttribute() const;
- SanitizerAttributeNamespace ToSanitizerAttributeNamespace() const;
-
- CanonicalAttribute Clone() const {
- return CanonicalAttribute(mLocalName, mNamespace);
- }
-};
-
-class CanonicalElement : public CanonicalName, public PLDHashEntryHdr {
- public:
- using KeyType = const CanonicalElement&;
- using KeyTypePointer = const CanonicalElement*;
-
- explicit CanonicalElement(KeyTypePointer aElement)
- : CanonicalName(aElement) {}
- CanonicalElement(CanonicalElement&&) = default;
- CanonicalElement(RefPtr<nsAtom> aLocalName, RefPtr<nsAtom> aNamespace)
- : CanonicalName(aLocalName, aNamespace) {}
- CanonicalElement(nsStaticAtom* aLocalName, nsStaticAtom* aNamespace)
- : CanonicalName(aLocalName, aNamespace) {}
- ~CanonicalElement() = default;
-
- KeyType GetKey() const { return *this; }
- using CanonicalName::KeyEquals;
-
- static KeyTypePointer KeyToPointer(KeyType aKey) { return &aKey; }
- static PLDHashNumber HashKey(KeyTypePointer aKey) {
- return mozilla::HashGeneric(aKey->mLocalName.get(), aKey->mNamespace.get());
- }
-
- enum { ALLOW_MEMMOVE = true };
+ SanitizerAttributeNamespace ToSanitizerAttributeNamespace() const;
SanitizerElementNamespace ToSanitizerElementNamespace() const;
SanitizerElementNamespaceWithAttributes
ToSanitizerElementNamespaceWithAttributes(
const CanonicalElementAttributes& aElementAttributes) const;
+
+ CanonicalName Clone() const { return CanonicalName(mLocalName, mNamespace); }
+
+ protected:
+ friend std::ostream& operator<<(std::ostream& aStream,
+ const CanonicalName& aName);
+
+ template <typename SanitizerName>
+ void SetSanitizerName(SanitizerName& aName) const;
+
+ RefPtr<nsAtom> mLocalName;
+ // A "null" namespace is represented by the nullptr.
+ RefPtr<nsAtom> mNamespace;
};
-using CanonicalAttributeSet = nsTHashSet<CanonicalAttribute>;
-using CanonicalElementSet = nsTHashSet<CanonicalElement>;
+std::ostream& operator<<(std::ostream& aStream, const CanonicalName& aName);
+
+using CanonicalNameSet = nsTHashSet<CanonicalName>;
struct CanonicalElementAttributes {
- Maybe<CanonicalAttributeSet> mAttributes;
- Maybe<CanonicalAttributeSet> mRemoveAttributes;
+ Maybe<CanonicalNameSet> mAttributes;
+ Maybe<CanonicalNameSet> mRemoveAttributes;
bool Equals(const CanonicalElementAttributes& aOther) const;
};
using CanonicalElementMap =
- nsTHashMap<CanonicalElement, CanonicalElementAttributes>;
+ nsTHashMap<CanonicalName, CanonicalElementAttributes>;
nsTArray<OwningStringOrSanitizerAttributeNamespace> ToSanitizerAttributes(
- const CanonicalAttributeSet& aSet);
+ const CanonicalNameSet& aSet);
inline const auto& GetAsDictionary(
const OwningStringOrSanitizerAttributeNamespace& aOwning) {
@@ -199,11 +161,7 @@ class MOZ_STACK_CLASS SanitizerComparator final {
} // namespace mozilla::dom::sanitizer
template <>
-struct fmt::formatter<mozilla::dom::sanitizer::CanonicalAttribute>
- : ostream_formatter {};
-
-template <>
-struct fmt::formatter<mozilla::dom::sanitizer::CanonicalElement>
+struct fmt::formatter<mozilla::dom::sanitizer::CanonicalName>
: ostream_formatter {};
#endif
diff --git a/dom/security/sanitizer/safe-default-configuration.json b/dom/security/sanitizer/safe-default-configuration.json
@@ -1,245 +1,196 @@
{
"elements": [
{
- "name": "math",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "html",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "merror",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "head",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "mfrac",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "title",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "mi",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "body",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "mmultiscripts",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "article",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "mn",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "section",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "mo",
- "namespace": "http://www.w3.org/1998/Math/MathML",
- "attributes": [
- {
- "name": "fence",
- "namespace": null
- },
- {
- "name": "form",
- "namespace": null
- },
- {
- "name": "largeop",
- "namespace": null
- },
- {
- "name": "lspace",
- "namespace": null
- },
- {
- "name": "maxsize",
- "namespace": null
- },
- {
- "name": "minsize",
- "namespace": null
- },
- {
- "name": "movablelimits",
- "namespace": null
- },
- {
- "name": "rspace",
- "namespace": null
- },
- {
- "name": "separator",
- "namespace": null
- },
- {
- "name": "stretchy",
- "namespace": null
- },
- {
- "name": "symmetric",
- "namespace": null
- }
- ]
+ "name": "nav",
+ "namespace": "http://www.w3.org/1999/xhtml",
+ "attributes": []
},
{
- "name": "mover",
- "namespace": "http://www.w3.org/1998/Math/MathML",
- "attributes": [
- {
- "name": "accent",
- "namespace": null
- }
- ]
+ "name": "aside",
+ "namespace": "http://www.w3.org/1999/xhtml",
+ "attributes": []
},
{
- "name": "mpadded",
- "namespace": "http://www.w3.org/1998/Math/MathML",
- "attributes": [
- {
- "name": "depth",
- "namespace": null
- },
- {
- "name": "height",
- "namespace": null
- },
- {
- "name": "lspace",
- "namespace": null
- },
- {
- "name": "voffset",
- "namespace": null
- },
- {
- "name": "width",
- "namespace": null
- }
- ]
+ "name": "h1",
+ "namespace": "http://www.w3.org/1999/xhtml",
+ "attributes": []
},
{
- "name": "mphantom",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "h2",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "mprescripts",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "h3",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "mroot",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "h4",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "mrow",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "h5",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "ms",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "h6",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "mspace",
- "namespace": "http://www.w3.org/1998/Math/MathML",
- "attributes": [
- {
- "name": "depth",
- "namespace": null
- },
- {
- "name": "height",
- "namespace": null
- },
- {
- "name": "width",
- "namespace": null
- }
- ]
+ "name": "hgroup",
+ "namespace": "http://www.w3.org/1999/xhtml",
+ "attributes": []
},
{
- "name": "msqrt",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "header",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "mstyle",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "footer",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "msub",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "address",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "msubsup",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "p",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "msup",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "hr",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "mtable",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "pre",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "mtd",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "blockquote",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": [
{
- "name": "columnspan",
+ "name": "cite",
+ "namespace": null
+ }
+ ]
+ },
+ {
+ "name": "ol",
+ "namespace": "http://www.w3.org/1999/xhtml",
+ "attributes": [
+ {
+ "name": "reversed",
"namespace": null
},
{
- "name": "rowspan",
+ "name": "start",
+ "namespace": null
+ },
+ {
+ "name": "type",
"namespace": null
}
]
},
{
- "name": "mtext",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "ul",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "mtr",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "menu",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "munder",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "li",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": [
{
- "name": "accentunder",
+ "name": "value",
"namespace": null
}
]
},
{
- "name": "munderover",
- "namespace": "http://www.w3.org/1998/Math/MathML",
- "attributes": [
- {
- "name": "accent",
- "namespace": null
- },
- {
- "name": "accentunder",
- "namespace": null
- }
- ]
+ "name": "dl",
+ "namespace": "http://www.w3.org/1999/xhtml",
+ "attributes": []
},
{
- "name": "semantics",
- "namespace": "http://www.w3.org/1998/Math/MathML",
+ "name": "dt",
+ "namespace": "http://www.w3.org/1999/xhtml",
+ "attributes": []
+ },
+ {
+ "name": "dd",
+ "namespace": "http://www.w3.org/1999/xhtml",
+ "attributes": []
+ },
+ {
+ "name": "figure",
+ "namespace": "http://www.w3.org/1999/xhtml",
+ "attributes": []
+ },
+ {
+ "name": "figcaption",
+ "namespace": "http://www.w3.org/1999/xhtml",
+ "attributes": []
+ },
+ {
+ "name": "main",
+ "namespace": "http://www.w3.org/1999/xhtml",
+ "attributes": []
+ },
+ {
+ "name": "search",
+ "namespace": "http://www.w3.org/1999/xhtml",
+ "attributes": []
+ },
+ {
+ "name": "div",
+ "namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
@@ -251,530 +202,624 @@
"namespace": null
},
{
- "name": "hreflang",
+ "name": "rel",
"namespace": null
},
{
- "name": "rel",
+ "name": "hreflang",
"namespace": null
},
{
"name": "type",
"namespace": null
}
- ]
- },
- {
- "name": "abbr",
- "namespace": "http://www.w3.org/1999/xhtml",
- "attributes": []
- },
- {
- "name": "address",
- "namespace": "http://www.w3.org/1999/xhtml",
- "attributes": []
+ ]
},
{
- "name": "article",
+ "name": "em",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "aside",
+ "name": "strong",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "b",
+ "name": "small",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "bdi",
+ "name": "s",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "bdo",
+ "name": "cite",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "blockquote",
+ "name": "q",
"namespace": "http://www.w3.org/1999/xhtml",
- "attributes": [
- {
- "name": "cite",
- "namespace": null
- }
- ]
+ "attributes": []
},
{
- "name": "body",
+ "name": "dfn",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "br",
+ "name": "abbr",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "caption",
+ "name": "ruby",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "cite",
+ "name": "rt",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "code",
+ "name": "rp",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "col",
+ "name": "data",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": [
{
- "name": "span",
+ "name": "value",
"namespace": null
}
]
},
{
- "name": "colgroup",
+ "name": "time",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": [
{
- "name": "span",
+ "name": "datetime",
"namespace": null
}
]
},
{
- "name": "data",
+ "name": "code",
"namespace": "http://www.w3.org/1999/xhtml",
- "attributes": [
- {
- "name": "value",
- "namespace": null
- }
- ]
+ "attributes": []
},
{
- "name": "dd",
+ "name": "var",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "del",
+ "name": "samp",
"namespace": "http://www.w3.org/1999/xhtml",
- "attributes": [
- {
- "name": "cite",
- "namespace": null
- },
- {
- "name": "datetime",
- "namespace": null
- }
- ]
+ "attributes": []
},
{
- "name": "dfn",
+ "name": "kbd",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "div",
+ "name": "sub",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "dl",
+ "name": "sup",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "dt",
+ "name": "i",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "em",
+ "name": "b",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "figcaption",
+ "name": "u",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "figure",
+ "name": "mark",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "footer",
+ "name": "bdi",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "h1",
+ "name": "bdo",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "h2",
+ "name": "span",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "h3",
+ "name": "br",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "h4",
+ "name": "wbr",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "h5",
+ "name": "ins",
"namespace": "http://www.w3.org/1999/xhtml",
- "attributes": []
+ "attributes": [
+ {
+ "name": "cite",
+ "namespace": null
+ },
+ {
+ "name": "datetime",
+ "namespace": null
+ }
+ ]
},
{
- "name": "h6",
+ "name": "del",
"namespace": "http://www.w3.org/1999/xhtml",
- "attributes": []
+ "attributes": [
+ {
+ "name": "cite",
+ "namespace": null
+ },
+ {
+ "name": "datetime",
+ "namespace": null
+ }
+ ]
},
{
- "name": "head",
+ "name": "table",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "header",
+ "name": "caption",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "hgroup",
+ "name": "colgroup",
+ "namespace": "http://www.w3.org/1999/xhtml",
+ "attributes": [
+ {
+ "name": "span",
+ "namespace": null
+ }
+ ]
+ },
+ {
+ "name": "col",
+ "namespace": "http://www.w3.org/1999/xhtml",
+ "attributes": [
+ {
+ "name": "span",
+ "namespace": null
+ }
+ ]
+ },
+ {
+ "name": "tbody",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "hr",
+ "name": "thead",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "html",
+ "name": "tfoot",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "i",
+ "name": "tr",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": []
},
{
- "name": "ins",
+ "name": "td",
+ "namespace": "http://www.w3.org/1999/xhtml",
+ "attributes": [
+ {
+ "name": "colspan",
+ "namespace": null
+ },
+ {
+ "name": "rowspan",
+ "namespace": null
+ },
+ {
+ "name": "headers",
+ "namespace": null
+ }
+ ]
+ },
+ {
+ "name": "th",
"namespace": "http://www.w3.org/1999/xhtml",
"attributes": [
{
- "name": "cite",
+ "name": "colspan",
+ "namespace": null
+ },
+ {
+ "name": "rowspan",
+ "namespace": null
+ },
+ {
+ "name": "headers",
+ "namespace": null
+ },
+ {
+ "name": "scope",
+ "namespace": null
+ },
+ {
+ "name": "abbr",
+ "namespace": null
+ }
+ ]
+ },
+ {
+ "name": "math",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
+ "attributes": []
+ },
+ {
+ "name": "merror",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
+ "attributes": []
+ },
+ {
+ "name": "mfrac",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
+ "attributes": []
+ },
+ {
+ "name": "mi",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
+ "attributes": []
+ },
+ {
+ "name": "mmultiscripts",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
+ "attributes": []
+ },
+ {
+ "name": "mn",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
+ "attributes": []
+ },
+ {
+ "name": "mo",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
+ "attributes": [
+ {
+ "name": "form",
+ "namespace": null
+ },
+ {
+ "name": "fence",
+ "namespace": null
+ },
+ {
+ "name": "separator",
+ "namespace": null
+ },
+ {
+ "name": "lspace",
+ "namespace": null
+ },
+ {
+ "name": "rspace",
+ "namespace": null
+ },
+ {
+ "name": "stretchy",
+ "namespace": null
+ },
+ {
+ "name": "symmetric",
+ "namespace": null
+ },
+ {
+ "name": "maxsize",
+ "namespace": null
+ },
+ {
+ "name": "minsize",
+ "namespace": null
+ },
+ {
+ "name": "largeop",
"namespace": null
},
{
- "name": "datetime",
+ "name": "movablelimits",
"namespace": null
}
]
},
{
- "name": "kbd",
- "namespace": "http://www.w3.org/1999/xhtml",
- "attributes": []
- },
- {
- "name": "li",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "mover",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": [
{
- "name": "value",
+ "name": "accent",
"namespace": null
}
]
},
{
- "name": "main",
- "namespace": "http://www.w3.org/1999/xhtml",
- "attributes": []
- },
- {
- "name": "mark",
- "namespace": "http://www.w3.org/1999/xhtml",
- "attributes": []
- },
- {
- "name": "menu",
- "namespace": "http://www.w3.org/1999/xhtml",
- "attributes": []
- },
- {
- "name": "nav",
- "namespace": "http://www.w3.org/1999/xhtml",
- "attributes": []
- },
- {
- "name": "ol",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "mpadded",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": [
{
- "name": "reversed",
+ "name": "width",
"namespace": null
},
{
- "name": "start",
+ "name": "height",
"namespace": null
},
{
- "name": "type",
+ "name": "depth",
+ "namespace": null
+ },
+ {
+ "name": "lspace",
+ "namespace": null
+ },
+ {
+ "name": "voffset",
"namespace": null
}
]
},
{
- "name": "p",
- "namespace": "http://www.w3.org/1999/xhtml",
- "attributes": []
- },
- {
- "name": "pre",
- "namespace": "http://www.w3.org/1999/xhtml",
- "attributes": []
- },
- {
- "name": "q",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "mphantom",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": []
},
{
- "name": "rp",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "mprescripts",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": []
},
{
- "name": "rt",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "mroot",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": []
},
{
- "name": "ruby",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "mrow",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": []
},
{
- "name": "s",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "ms",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": []
},
{
- "name": "samp",
- "namespace": "http://www.w3.org/1999/xhtml",
- "attributes": []
+ "name": "mspace",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
+ "attributes": [
+ {
+ "name": "width",
+ "namespace": null
+ },
+ {
+ "name": "height",
+ "namespace": null
+ },
+ {
+ "name": "depth",
+ "namespace": null
+ }
+ ]
},
{
- "name": "search",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "msqrt",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": []
},
{
- "name": "section",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "mstyle",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": []
},
{
- "name": "small",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "msub",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": []
},
{
- "name": "span",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "msubsup",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": []
},
{
- "name": "strong",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "msup",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": []
},
{
- "name": "sub",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "mtable",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": []
},
{
- "name": "sup",
- "namespace": "http://www.w3.org/1999/xhtml",
- "attributes": []
+ "name": "mtd",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
+ "attributes": [
+ {
+ "name": "columnspan",
+ "namespace": null
+ },
+ {
+ "name": "rowspan",
+ "namespace": null
+ }
+ ]
},
{
- "name": "table",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "mtext",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": []
},
{
- "name": "tbody",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "mtr",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": []
},
{
- "name": "td",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "munder",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": [
{
- "name": "colspan",
+ "name": "accentunder",
"namespace": null
- },
+ }
+ ]
+ },
+ {
+ "name": "munderover",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
+ "attributes": [
{
- "name": "headers",
+ "name": "accent",
"namespace": null
},
{
- "name": "rowspan",
+ "name": "accentunder",
"namespace": null
}
]
},
{
- "name": "tfoot",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "semantics",
+ "namespace": "http://www.w3.org/1998/Math/MathML",
"attributes": []
},
{
- "name": "th",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "svg",
+ "namespace": "http://www.w3.org/2000/svg",
"attributes": [
{
- "name": "abbr",
+ "name": "viewBox",
"namespace": null
},
{
- "name": "colspan",
+ "name": "preserveAspectRatio",
"namespace": null
},
{
- "name": "headers",
+ "name": "height",
"namespace": null
},
{
- "name": "rowspan",
+ "name": "width",
"namespace": null
},
{
- "name": "scope",
+ "name": "x",
"namespace": null
- }
- ]
- },
- {
- "name": "thead",
- "namespace": "http://www.w3.org/1999/xhtml",
- "attributes": []
- },
- {
- "name": "time",
- "namespace": "http://www.w3.org/1999/xhtml",
- "attributes": [
+ },
{
- "name": "datetime",
+ "name": "y",
"namespace": null
}
]
},
{
- "name": "title",
- "namespace": "http://www.w3.org/1999/xhtml",
- "attributes": []
- },
- {
- "name": "tr",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "g",
+ "namespace": "http://www.w3.org/2000/svg",
"attributes": []
},
{
- "name": "u",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "defs",
+ "namespace": "http://www.w3.org/2000/svg",
"attributes": []
},
{
- "name": "ul",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "title",
+ "namespace": "http://www.w3.org/2000/svg",
"attributes": []
},
{
- "name": "var",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "desc",
+ "namespace": "http://www.w3.org/2000/svg",
"attributes": []
},
{
- "name": "wbr",
- "namespace": "http://www.w3.org/1999/xhtml",
+ "name": "metadata",
+ "namespace": "http://www.w3.org/2000/svg",
"attributes": []
},
{
- "name": "circle",
+ "name": "path",
"namespace": "http://www.w3.org/2000/svg",
"attributes": [
{
- "name": "cx",
- "namespace": null
- },
- {
- "name": "cy",
- "namespace": null
- },
- {
"name": "pathLength",
"namespace": null
},
{
- "name": "r",
+ "name": "d",
"namespace": null
}
]
},
{
- "name": "defs",
- "namespace": "http://www.w3.org/2000/svg",
- "attributes": []
- },
- {
- "name": "desc",
- "namespace": "http://www.w3.org/2000/svg",
- "attributes": []
- },
- {
- "name": "ellipse",
+ "name": "rect",
"namespace": "http://www.w3.org/2000/svg",
"attributes": [
{
- "name": "cx",
+ "name": "pathLength",
+ "namespace": null
+ },
+ {
+ "name": "x",
+ "namespace": null
+ },
+ {
+ "name": "y",
"namespace": null
},
{
- "name": "cy",
+ "name": "width",
"namespace": null
},
{
- "name": "pathLength",
+ "name": "height",
"namespace": null
},
{
@@ -788,34 +833,29 @@
]
},
{
- "name": "foreignObject",
+ "name": "circle",
"namespace": "http://www.w3.org/2000/svg",
"attributes": [
{
- "name": "height",
+ "name": "pathLength",
"namespace": null
},
{
- "name": "width",
+ "name": "cx",
"namespace": null
},
{
- "name": "x",
+ "name": "cy",
"namespace": null
},
{
- "name": "y",
+ "name": "r",
"namespace": null
}
]
},
{
- "name": "g",
- "namespace": "http://www.w3.org/2000/svg",
- "attributes": []
- },
- {
- "name": "line",
+ "name": "ellipse",
"namespace": "http://www.w3.org/2000/svg",
"attributes": [
{
@@ -823,82 +863,51 @@
"namespace": null
},
{
- "name": "x1",
+ "name": "cx",
"namespace": null
},
{
- "name": "x2",
+ "name": "cy",
"namespace": null
},
{
- "name": "y1",
+ "name": "rx",
"namespace": null
},
{
- "name": "y2",
+ "name": "ry",
"namespace": null
}
]
},
{
- "name": "marker",
+ "name": "line",
"namespace": "http://www.w3.org/2000/svg",
"attributes": [
{
- "name": "markerHeight",
- "namespace": null
- },
- {
- "name": "markerUnits",
- "namespace": null
- },
- {
- "name": "markerWidth",
- "namespace": null
- },
- {
- "name": "orient",
- "namespace": null
- },
- {
- "name": "preserveAspectRatio",
+ "name": "pathLength",
"namespace": null
},
{
- "name": "refX",
+ "name": "x1",
"namespace": null
},
{
- "name": "refY",
+ "name": "y1",
"namespace": null
},
{
- "name": "viewBox",
- "namespace": null
- }
- ]
- },
- {
- "name": "metadata",
- "namespace": "http://www.w3.org/2000/svg",
- "attributes": []
- },
- {
- "name": "path",
- "namespace": "http://www.w3.org/2000/svg",
- "attributes": [
- {
- "name": "d",
+ "name": "x2",
"namespace": null
},
{
- "name": "pathLength",
+ "name": "y2",
"namespace": null
}
]
},
{
- "name": "polygon",
+ "name": "polyline",
"namespace": "http://www.w3.org/2000/svg",
"attributes": [
{
@@ -912,7 +921,7 @@
]
},
{
- "name": "polyline",
+ "name": "polygon",
"namespace": "http://www.w3.org/2000/svg",
"attributes": [
{
@@ -926,172 +935,163 @@
]
},
{
- "name": "rect",
+ "name": "text",
"namespace": "http://www.w3.org/2000/svg",
"attributes": [
{
- "name": "height",
+ "name": "lengthAdjust",
"namespace": null
},
{
- "name": "pathLength",
+ "name": "x",
"namespace": null
},
{
- "name": "rx",
+ "name": "y",
"namespace": null
},
{
- "name": "ry",
+ "name": "dx",
"namespace": null
},
{
- "name": "width",
+ "name": "dy",
"namespace": null
},
{
- "name": "x",
+ "name": "rotate",
"namespace": null
},
{
- "name": "y",
+ "name": "textLength",
"namespace": null
}
]
},
{
- "name": "svg",
+ "name": "tspan",
"namespace": "http://www.w3.org/2000/svg",
"attributes": [
{
- "name": "height",
+ "name": "lengthAdjust",
"namespace": null
},
{
- "name": "preserveAspectRatio",
+ "name": "x",
"namespace": null
},
{
- "name": "viewBox",
+ "name": "y",
"namespace": null
},
{
- "name": "width",
+ "name": "dx",
"namespace": null
},
{
- "name": "x",
+ "name": "dy",
"namespace": null
},
{
- "name": "y",
+ "name": "rotate",
+ "namespace": null
+ },
+ {
+ "name": "textLength",
"namespace": null
}
]
},
{
- "name": "text",
+ "name": "textPath",
"namespace": "http://www.w3.org/2000/svg",
"attributes": [
{
- "name": "dx",
+ "name": "lengthAdjust",
"namespace": null
},
{
- "name": "dy",
+ "name": "textLength",
"namespace": null
},
{
- "name": "lengthAdjust",
+ "name": "path",
"namespace": null
},
{
- "name": "rotate",
+ "name": "startOffset",
"namespace": null
},
{
- "name": "textLength",
+ "name": "method",
"namespace": null
},
{
- "name": "x",
+ "name": "spacing",
"namespace": null
},
{
- "name": "y",
+ "name": "side",
"namespace": null
}
]
},
{
- "name": "textPath",
+ "name": "foreignObject",
"namespace": "http://www.w3.org/2000/svg",
"attributes": [
{
- "name": "lengthAdjust",
- "namespace": null
- },
- {
- "name": "method",
- "namespace": null
- },
- {
- "name": "path",
- "namespace": null
- },
- {
- "name": "side",
+ "name": "x",
"namespace": null
},
{
- "name": "spacing",
+ "name": "y",
"namespace": null
},
{
- "name": "startOffset",
+ "name": "width",
"namespace": null
},
{
- "name": "textLength",
+ "name": "height",
"namespace": null
}
]
},
{
- "name": "title",
- "namespace": "http://www.w3.org/2000/svg",
- "attributes": []
- },
- {
- "name": "tspan",
+ "name": "marker",
"namespace": "http://www.w3.org/2000/svg",
"attributes": [
{
- "name": "dx",
+ "name": "viewBox",
"namespace": null
},
{
- "name": "dy",
+ "name": "preserveAspectRatio",
"namespace": null
},
{
- "name": "lengthAdjust",
+ "name": "refX",
"namespace": null
},
{
- "name": "rotate",
+ "name": "refY",
"namespace": null
},
{
- "name": "textLength",
+ "name": "markerUnits",
"namespace": null
},
{
- "name": "x",
+ "name": "markerWidth",
"namespace": null
},
{
- "name": "y",
+ "name": "markerHeight",
+ "namespace": null
+ },
+ {
+ "name": "orient",
"namespace": null
}
]
@@ -1099,6 +1099,46 @@
],
"attributes": [
{
+ "name": "dir",
+ "namespace": null
+ },
+ {
+ "name": "lang",
+ "namespace": null
+ },
+ {
+ "name": "title",
+ "namespace": null
+ },
+ {
+ "name": "displaystyle",
+ "namespace": null
+ },
+ {
+ "name": "mathbackground",
+ "namespace": null
+ },
+ {
+ "name": "mathcolor",
+ "namespace": null
+ },
+ {
+ "name": "mathsize",
+ "namespace": null
+ },
+ {
+ "name": "scriptlevel",
+ "namespace": null
+ },
+ {
+ "name": "fill",
+ "namespace": null
+ },
+ {
+ "name": "transform",
+ "namespace": null
+ },
+ {
"name": "alignment-baseline",
"namespace": null
},
@@ -1127,10 +1167,6 @@
"namespace": null
},
{
- "name": "dir",
- "namespace": null
- },
- {
"name": "direction",
"namespace": null
},
@@ -1139,18 +1175,10 @@
"namespace": null
},
{
- "name": "displaystyle",
- "namespace": null
- },
- {
"name": "dominant-baseline",
"namespace": null
},
{
- "name": "fill",
- "namespace": null
- },
- {
"name": "fill-opacity",
"namespace": null
},
@@ -1187,10 +1215,6 @@
"namespace": null
},
{
- "name": "lang",
- "namespace": null
- },
- {
"name": "letter-spacing",
"namespace": null
},
@@ -1207,18 +1231,6 @@
"namespace": null
},
{
- "name": "mathbackground",
- "namespace": null
- },
- {
- "name": "mathcolor",
- "namespace": null
- },
- {
- "name": "mathsize",
- "namespace": null
- },
- {
"name": "opacity",
"namespace": null
},
@@ -1231,10 +1243,6 @@
"namespace": null
},
{
- "name": "scriptlevel",
- "namespace": null
- },
- {
"name": "shape-rendering",
"namespace": null
},
@@ -1295,14 +1303,6 @@
"namespace": null
},
{
- "name": "title",
- "namespace": null
- },
- {
- "name": "transform",
- "namespace": null
- },
- {
"name": "transform-origin",
"namespace": null
},
diff --git a/dom/security/sanitizer/update-safe-default-configuration.py b/dom/security/sanitizer/update-safe-default-configuration.py
@@ -5,7 +5,7 @@
import json
from urllib.request import urlretrieve
-REVISION = "fc36ba125ff6f175e1b5619c4ec20ab611cc5858"
+REVISION = "54b7efe39472f031ee6e3eab3fd3d14175564581"
urlretrieve(
f"https://raw.githubusercontent.com/WICG/sanitizer-api/{REVISION}/builtins/safe-default-configuration.json",
