New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(core): prevent infinite loops in clobbered elements check #54425
Conversation
01fd9df
to
894b81e
Compare
This commit updates HTML sanitization logic to avoid infinite loops in case clobbered elements contain fields like `nextSibling` or `parentNode`. Those fields are used for DOM traversal and this update makes sure that those calls return valid results. Also this commit fixes an issue when clobbering `nodeName` causes JS exceptions.
894b81e
to
e92a3f7
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Reviewed-for: fw-core
Reviewed-for: fw-security
Caretaker notes
|
This PR was merged into the repository by commit eaff724. |
This commit updates HTML sanitization logic to avoid infinite loops in case clobbered elements contain fields like `nextSibling` or `parentNode`. Those fields are used for DOM traversal and this update makes sure that those calls return valid results. Also this commit fixes an issue when clobbering `nodeName` causes JS exceptions. PR Close #54425
This commit updates HTML sanitization logic to avoid infinite loops in case clobbered elements contain fields like `nextSibling` or `parentNode`. Those fields are used for DOM traversal and this update makes sure that those calls return valid results. Also this commit fixes an issue when clobbering `nodeName` causes JS exceptions. PR Close #54425
This issue has been automatically locked due to inactivity. Read more about our automatic conversation locking policy. This action has been performed automatically by a bot. |
This commit updates HTML sanitization logic to avoid infinite loops in case clobbered elements contain fields like
nextSibling
orparentNode
. Those fields are used for DOM traversal and this update makes sure that those calls return valid results.Also this commit fixes an issue when clobbering
nodeName
causes JS exceptions.(more context in the internal ticket: b/323800512)
PR Type
What kind of change does this PR introduce?
Does this PR introduce a breaking change?