Re: [csswg-drafts] [selectors][css-values] Hide "sensitive" attributes from CSS (#5136) from Christoph Päper via GitHub on 2020-06-05 (public-css-archive@w3.org from June 2020)

From: Christoph Päper via GitHub <sysbot+gh@w3.org>
Date: Fri, 05 Jun 2020 04:51:37 +0000
To: public-css-archive@w3.org
Message-ID: <issue_comment.created-639257245-1591332696-sysbot+gh@w3.org>

Every attack relies on [`<url>`](https://drafts.csswg.org/css-values/#urls). Can other uses of `attr()` be considered safe and therefore need no restriction at all? 

-- 
GitHub Notification of comment by Crissov
Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/5136#issuecomment-639257245 using your GitHub account

Received on Friday, 5 June 2020 04:51:39 UTC