W3C home > Mailing lists > Public > public-fx@w3.org > January to March 2014

Re: [css-color][filter-effects] (was: Re: [filter-effects] Tainted filter primitives)

From: Dirk Schulze <dschulze@adobe.com>
Date: Fri, 3 Jan 2014 22:23:51 +0000
To: Tab Atkins Jr. <jackalmage@gmail.com>
CC: Robert O'Callahan <robert@ocallahan.org>, public-fx <public-fx@w3.org>, www-style list <www-style@w3.org>
Message-ID: <FA9CB54B-7841-41DB-9B83-BC02AF9263EF@adobe.com>

On Jan 3, 2014, at 10:55 PM, Tab Atkins Jr. <jackalmage@gmail.com> wrote:

> On Fri, Dec 27, 2013 at 1:59 AM, Dirk Schulze <dschulze@adobe.com> wrote:
>> On Dec 26, 2013, at 11:45 PM, Tab Atkins Jr. <jackalmage@gmail.com> wrote:
>>>> On Tue Dec 24 2013 at 11:55:47 AM, Dirk Schulze <dschulze@adobe.com> wrote:
>>>> I really wish to have currentColor behave in a way that it does not reveal any secured information.
>>>> 
>>>> If we do not find an agreement, a way to limit the security restriction further would be to the following:
>>>> 
>>>> For feFlood and feDropShadow: If the value for the ‘flood-color’ property computes to ‘inherit’ or ‘currentColor’ the feFlood filter primitive must be marked as tainted.
>>>> 
>>>> For fe*Lighting: If the value for the ‘lighting-color’ property computes to ‘inherit’ or ‘currentColor’ the feFlood filter primitive must be marked as tainted.
>>> 
>>> 'inherit' disappears by computed-value time - it's processed into the value it represents at specified-value time.  <http://dev.w3.org/csswg/css-cascade/#inherit>
>> 
>> I read css3-cascade and still was confused. I wasn’t sure if specified value was the value of the current style sheet or the last value in the cascade. From your explanation it seems to be the latter.
> 
> Neither, but I'm not sure what's confusing.  Could you explain?  The
> "cascaded value" definition says that the cascaded value is the
> declaration that won the cascade.  The following section then says
> that the specified value is the cascaded value, but with
> initial/inherit/unset (or a lack of cascaded value entirely) processed
> away.
> 
> "It is the result of putting the cascaded value through the defaulting
> processes, guaranteeing that a specified value exists for every
> property on every element."
> 
> If you can tell me what's confusing about it, I'll try to fix.

With the introducing comment, the spec text seems much more understandable. I did not read the spec from start to end. So apologize if it has such an explanation.

> 
>>> Note that "flood-color: inherit;" doesn't expose anything, anyway - it resolves to the value of 'flood-color' on the <feFlood>'s parent. It has no connection to the graphics element that uses the filter containing an <feFlood> element.
>> 
>> Not quite right. The parent of <feFlood> could use ‘currentColor’.
> 
> Yup, but that means that flood-color on the <feFlood> will computed to
> "currentColor", and thus be caught by the general prohibition against
> currentColor as a computed value.  There's no need to call out
> "inherit" specifically; it just confuses things.

Could you point me to the last valid definition of currentColor please? I am getting confused here. Is the one in CSS3 Colors already correct or do I need to check another definition?

Greetings,
Dirk

> 
> ~TJ
Received on Friday, 3 January 2014 22:24:29 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:49:48 UTC