chrome/test/data/webui/load_time_data_browsertest.js · 11ce46e22783a8a731e8b59d80cc504af3a5db10 · eriksson monteiro / tangled

Improve sanitizer in parse_html_subset.js · 11ce46e2

Jun Kokatsu authored Jun 18, 2020

This change improves sanitizer in parse_html_subset.js by using
allow-list of tags and attributes.

Bug: 1086318
Change-Id: I56b94350d49bbb9e218336c9292897ac2e619316
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2222115Reviewed-by: dpapad <dpapad@chromium.org>
Reviewed-by: Rebekah Potter <rbpotter@chromium.org>
Reviewed-by: Kyle Horimoto <khorimoto@chromium.org>
Commit-Queue: Jun Kokatsu <Jun.Kokatsu@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#779556}

11ce46e2

load_time_data_browsertest.js 3.38 KB

Replace load_time_data_browsertest.js