[webkit-changes] [WebKit/WebKit] 76ec38: Improve script execution context usage in Trusted ...

Fri, 31 Oct 2025 16:23:41 -0700 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 76ec38e84a6401d83ff18fc5d0a24f71a062bf56
      
https://github.com/WebKit/WebKit/commit/76ec38e84a6401d83ff18fc5d0a24f71a062bf56
  Author: Luke Warlow <[email protected]>
  Date:   2025-10-31 (Fri, 31 Oct 2025)

  Changed paths:
    A 
LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-secondary-document-expected.txt
    A 
LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-secondary-document.html
    M Source/WebCore/dom/Attr.cpp
    M Source/WebCore/dom/Document.cpp
    M Source/WebCore/dom/Element.cpp
    M Source/WebCore/dom/Range.cpp
    M Source/WebCore/dom/ShadowRoot.cpp
    M Source/WebCore/html/HTMLIFrameElement.cpp
    M Source/WebCore/svg/properties/SVGAnimatedString.cpp
    M Source/WebCore/workers/shared/SharedWorker.cpp
    M Source/WebCore/xml/DOMParser.cpp

  Log Message:
  -----------
  Improve script execution context usage in Trusted Types code
https://bugs.webkit.org/show_bug.cgi?id=301625

Reviewed by Darin Adler.

The existing usage of document() rather than document().contextDocument() can 
cause situations where
objects created within secondary documents (e.g. createHTMLDocument()) would 
not be protected by Trusted Types.

Test: 
imported/w3c/web-platform-tests/trusted-types/trusted-types-secondary-document.html
* 
LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-secondary-document-expected.txt:
 Added.
* 
LayoutTests/imported/w3c/web-platform-tests/trusted-types/trusted-types-secondary-document.html:
 Added.
* Source/WebCore/dom/Attr.cpp:
(WebCore::Attr::setValue):
* Source/WebCore/dom/Document.cpp:
(WebCore::Document::parseHTMLUnsafe):
(WebCore::Document::write):
(WebCore::Document::execCommand):
* Source/WebCore/dom/Element.cpp:
(WebCore::Element::setAttribute):
(WebCore::Element::setAttributeNode):
(WebCore::Element::setAttributeNodeNS):
(WebCore::Element::setAttributeNS):
(WebCore::Element::setHTMLUnsafe):
(WebCore::Element::setOuterHTML):
(WebCore::Element::setInnerHTML):
(WebCore::Element::insertAdjacentHTML):
* Source/WebCore/dom/Range.cpp:
(WebCore::Range::createContextualFragment):
* Source/WebCore/dom/ShadowRoot.cpp:
(WebCore::ShadowRoot::setHTMLUnsafe):
(WebCore::ShadowRoot::setInnerHTML):
* Source/WebCore/html/HTMLIFrameElement.cpp:
(WebCore::HTMLIFrameElement::setSrcdoc):
* Source/WebCore/svg/properties/SVGAnimatedString.cpp:
(WebCore::SVGAnimatedString::setBaseVal):
* Source/WebCore/workers/shared/SharedWorker.cpp:
(WebCore::SharedWorker::create):
* Source/WebCore/xml/DOMParser.cpp:
(WebCore::DOMParser::parseFromString):

Canonical link: https://commits.webkit.org/302412@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications

Reply via email to