W3C home > Mailing lists > Public > www-style@w3.org > December 2013

Re: [css-color][filter-effects] (was: Re: [filter-effects] Tainted filter primitives)

From: Tab Atkins Jr. <jackalmage@gmail.com>
Date: Thu, 26 Dec 2013 22:45:29 +0000
Message-ID: <-6918704719349513558@gmail297201516>
To: dschulze@adobe.com, robert@ocallahan.org, public-fx@w3.org, www-style@w3.org
On Tue Dec 24 2013 at 11:55:47 AM, Dirk Schulze <dschulze@adobe.com> wrote:

> I really wish to have currentColor behave in a way that it does not reveal
> any secured information.
>
> If we do not find an agreement, a way to limit the security restriction
> further would be to the following:
>
> For feFlood and feDropShadow: If the value for the ‘flood-color’ property
> computes to ‘inherit’ or ‘currentColor’ the feFlood filter primitive must
> be marked as tainted.
>
> For fe*Lighting: If the value for the ‘lighting-color’ property computes
> to ‘inherit’ or ‘currentColor’ the feFlood filter primitive must be marked
> as tainted.
>

'inherit' disappears by computed-value time - it's processed into the value
it represents at specified-value time.  <
http://dev.w3.org/csswg/css-cascade/#inherit>

Note that "flood-color: inherit;" doesn't expose anything, anyway - it
resolves to the value of 'flood-color' on the <feFlood>'s parent. It has no
connection to the graphics element that uses the filter containing an
<feFlood> element.

~TJ
Received on Thursday, 26 December 2013 22:45:57 UTC

This archive was generated by hypermail 2.3.1 : Monday, 2 May 2016 14:39:17 UTC