Re: [csswg-drafts] [css-color-hdr-1] Clarify parsing and serialization of `hdr-color()` (#13597) from Chris Lilley via GitHub on 2026-03-05 (public-css-archive@w3.org from March 2026)

From: Chris Lilley via GitHub <noreply@w3.org>
Date: Thu, 05 Mar 2026 20:50:48 +0000
To: public-css-archive@w3.org
Message-ID: <issue_comment.created-4007701788-1772743846-noreply@w3.org>

I just realized that identical hdr headroom values, if allowed to parse, might be a security and privacy issue. Consider:

```css
.swatch {
    background-color: red; 
}
.swatch {
    background-color: color-hdr(green 2, green 2);
}
```
Now I can tell if your hdr headroom is exactly 2 stops. Or can I, because the used value is not exposed to script?

-- 
GitHub Notification of comment by svgeesus
Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/13597#issuecomment-4007701788 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 5 March 2026 20:50:49 UTC