Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rewrite metadata functions #457

Merged
merged 3 commits into from
Jun 12, 2024
Merged

Conversation

lukewarlow
Copy link
Member

@lukewarlow lukewarlow commented Feb 26, 2024

  • getAttributeType and getPropertyType now use lookup tables.

Fixes #456 and #423, and #474


Preview | Diff

@lukewarlow lukewarlow requested a review from koto February 26, 2024 16:06

<table>
<thead>
<tr><th>Element<th>Property name<th>TrustedType
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I feel like this table needs a baseVal property for the SVGAnimatedString type somehow, not sure on the specifics of that SVG integration (I also am not sure that baseVal is accounted for in Chromium if it is required in this list).

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

spec/index.bs Outdated Show resolved Hide resolved
spec/index.bs Outdated Show resolved Hide resolved
@lukewarlow lukewarlow force-pushed the metadata-rewrite branch 2 times, most recently from 436bc9e to 862c806 Compare February 26, 2024 16:44
@lukewarlow lukewarlow marked this pull request as ready for review February 26, 2024 16:44
@lukewarlow
Copy link
Member Author

@mbrodesser-Igalia do you think you'd be able to give this a review?

spec/index.bs Outdated Show resolved Hide resolved
@mbrodesser-Igalia
Copy link
Collaborator

@mbrodesser-Igalia do you think you'd be able to give this a review?

If this could wait until I actually start implementing it in Gecko, that might be most effective.

@mbrodesser-Igalia
Copy link
Collaborator

@mbrodesser-Igalia do you think you'd be able to give this a review?

If this could wait until I actually start implementing it in Gecko, that might be most effective.

Thorough reviews are time-consuming.

@lukewarlow lukewarlow force-pushed the metadata-rewrite branch 2 times, most recently from d2d9227 to 648f6b2 Compare February 28, 2024 16:36
spec/index.bs Outdated Show resolved Hide resolved
spec/index.bs Outdated Show resolved Hide resolved
@lukewarlow lukewarlow force-pushed the metadata-rewrite branch 2 times, most recently from 7fa73e4 to 123ce3a Compare April 17, 2024 15:04
@lukewarlow
Copy link
Member Author

@koto (and @annevk because you raised one of these related issues) what do you think of this?

To <dfn abstract-op>Get Trusted Type data for attribute</dfn> given |element|, |attribute|, |attributeNs|, perform the following steps:

1. Let |data| be null.
1. If |attributeNs| is null, and |attribute| is the name of an [=event handler content attribute=], then:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not really sure how you envision this lookup to work. There are many event handler content attributes that are not applicable to elements. And some only apply to a specific element.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are many event handler content attributes

I don't fully understand what you mean by this? What event handler content attribute doesn't apply to an element?
Do you mean legacy ones no longer applicable or something like that?

And some only apply to a specific element.

So for the purposes of trusted types I don't think we mind being overly restrictive here, it seems fine to consider them independent of the element (this is the case in Chromium's implementation)?

For context the plan in WebKit is to use HTMLElement::eventNameForEventHandlerAttribute with a null check.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

onreadystatechange?

I'm not sure we have a specification concept for eventNameForEventHandlerAttribute.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Chrome enforces the TT on that attribute for a div element for example, so that aspect is fine.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you clarify how that is fine?

How about onloadend?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To close the loop there's a discussion about just using on* pattern to block anything that resembles an event listener. WICG/sanitizer-api#226

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Given we can't use the on* pattern what is the next best steps here?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Both Chrome and WebKit have a way to look up EventHandlers from IDL which gives us the coverage we need to ensure stuff is protected. Idk if that corresponds to the current spec text, or how we would spec that?

The key bit is that all sinks for a given browser are included in that browser, which the spec as written I think covers?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should have an actual list of event handler attributes we care about (those on elements), which would be a subset of all event handler attributes. That's also what the Sanitizer API would need.

I don't think we want to do something with event handler attributes that only have meaning on a non-element object.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have made a new issue to track this and added an inline issue in the spec referencing it. #520

- getAttributeType and getPropertyType now use lookup tables.
@lukewarlow
Copy link
Member Author

For the sake of keeping the spec moving I've made two new issues to track the remaining questions here and am going to get this merged in so we can remove the last StringContext attribute mentions. The whole spec needs an editorial run through and any issues here can be addressed as part of that or smaller follow ups.

@lukewarlow lukewarlow merged commit b7cb119 into w3c:main Jun 12, 2024
3 checks passed
github-actions bot added a commit that referenced this pull request Jun 12, 2024
SHA: b7cb119
Reason: push, by lukewarlow

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
github-actions bot added a commit to lukewarlow/trusted-types that referenced this pull request Jun 12, 2024
SHA: b7cb119
Reason: push, by lukewarlow

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

getPropertyType() needs a rewrite?
4 participants