W3C home > Mailing lists > Public > public-css-archive@w3.org > July 2020

Re: [csswg-drafts] [selectors][css-values] Hide "sensitive" attributes from CSS (#5136)

From: Maciej Stachowiak via GitHub <sysbot+gh@w3.org>
Date: Wed, 01 Jul 2020 19:39:21 +0000
To: public-css-archive@w3.org
Message-ID: <issue_comment.created-652609657-1593632353-sysbot+gh@w3.org>
Is it a goal for CSS that using a stylesheet from an untrusted source is "safe" in some sense? Because I don't think that would be true with only the change described in the issue. Untrusted CSS could hide elements of the page, inject text and images, make invisible but still clickable elements appear on top of other elements, etc. Making it safe to include untrusted CSS would be a significant project.

GitHub Notification of comment by othermaciej
Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/5136#issuecomment-652609657 using your GitHub account
Received on Wednesday, 1 July 2020 19:39:22 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 06:42:11 UTC