Firefox3.1/SMIL Security Review: Difference between revisions

Line 21: Line 21:
** Potential attack points:
** Potential attack points:
*** If embedded SVG were allowed to draw outside of its boundaries, it could use SMIL to cover bits of the host document with its own SVG elements.
*** If embedded SVG were allowed to draw outside of its boundaries, it could use SMIL to cover bits of the host document with its own SVG elements.
*** Integer overflows in SMIL attributes, or in animated SVG attributes, or in other attributes that depend on the animated attributes (e.g. heights/widths during a skew animated with animateTransform )


== Exported APIs ==
== Exported APIs ==
Confirmed users
489

edits