- From: Alexander Kyereboah via GitHub <noreply@w3.org>
- Date: Wed, 17 Dec 2025 00:27:43 +0000
- To: public-css-archive@w3.org
@emilio Thank you for the examples! I wasn't initially aware of the custom property substitution case, and I had to change the prototype to make sure we could account for this with a tainting solution.

With the new changes accounting for property substitutions, all 3 `getComputedStyle()` queries you provided return a default fallback color value. For registered custom properties like `@property --accent`, the value is stored as a computed color with the taint flag, and when exposed via `getComputedStyle()`, the implementation checks for the taint flag and returns the blue fallback instead of the actual color. For unregistered properties, when `var(--accent)` is substituted into `--my-color`, the taint metadata propagates during the substitution process and follows the value through any number of `var()` references, whether the properties are registered or unregistered.

Does this behavior make sense for tainting? I can test for the more complex exfiltration cases that Kevin proposed if that was what you and Lea had in mind for those.

--
GitHub Notification of comment by kyerebo
Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/10372#issuecomment-3663028581 using your GitHub account

--
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 17 December 2025 00:27:44 UTC
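
A toy model of the taint propagation described in the message above, as an added example that is not the prototype's code and not part of the original message: a value keeps a per-segment taint flag through chained `var()` substitution, and only the exposure step swaps tainted segments for the fallback. The function names, the `SAMPLE` declarations, the `rgb(12, 34, 56)` color and the `--border` and `--loop` properties are constructed assumptions, and the model does not distinguish registered from unregistered properties.

```javascript
// Assumed stand-in for the "blue fallback" mentioned in the message.
const FALLBACK = "blue";
const VAR_RE = /var\(\s*(--[\w-]+)\s*\)/g;

// Constructed sample declarations; only --accent carries the taint flag.
const SAMPLE = {
  "--accent": { value: "rgb(12, 34, 56)", tainted: true },
  "--my-color": { value: "var(--accent)" },
  "--border": { value: "1px solid var(--my-color)" },
  "--plain": { value: "green" },
  "--loop": { value: "var(--loop)" },
};

// Resolve var() references into segments of { text, tainted }.
// Returns null for a missing or cyclic reference (treated as invalid).
function substitute(name, decls, stack = []) {
  const decl = decls[name];
  if (!decl || stack.includes(name)) return null;
  const own = Boolean(decl.tainted);
  const out = [];
  let last = 0;
  for (const m of decl.value.matchAll(VAR_RE)) {
    if (m.index > last) out.push({ text: decl.value.slice(last, m.index), tainted: own });
    const inner = substitute(m[1], decls, [...stack, name]);
    if (inner === null) return null;
    out.push(...inner); // taint travels with the substituted segments
    last = m.index + m[0].length;
  }
  if (last < decl.value.length) out.push({ text: decl.value.slice(last), tainted: own });
  return out;
}

// What rendering would use internally: the real value, taint ignored.
function internalValue(name, decls) {
  const segs = substitute(name, decls);
  return segs === null ? "" : segs.map((s) => s.text).join("");
}

// What a script-visible query would see: tainted segments become the fallback.
function exposedValue(name, decls) {
  const segs = substitute(name, decls);
  return segs === null ? "" : segs.map((s) => (s.tainted ? FALLBACK : s.text)).join("");
}
```
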