254
edits
Platform/HTML5 sanitizer: Difference between revisions
→Gecko Requirements
| Line 8: | Line 8: | ||
** Resolve relative URLs into absolute ones using a per fragment base URL. (Is this correct for Gecko reqs?) | ** Resolve relative URLs into absolute ones using a per fragment base URL. (Is this correct for Gecko reqs?) | ||
** Why is whitespace trimmed before the security check? | ** Why is whitespace trimmed before the security check? | ||
** However, allow any URL in the src attribute on the img element, because imgs are safe. | ** However, allow any URL in the src attribute on the img element, because imgs are safe. {{bug|572637}} | ||
* Have a list of SVG attributes that take different-document references. | * Have a list of SVG attributes that take different-document references. | ||
* Have a list of SVG attributes that are allowed to have same-document references only. | * Have a list of SVG attributes that are allowed to have same-document references only. | ||