- From: Daniel Vogelheim <notifications@github.com>
- Date: Wed, 22 May 2024 10:14:22 -0700
- To: whatwg/dom <dom@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 22 May 2024 17:14:26 UTC
@otherdaniel commented on this pull request. > @@ -6870,11 +6918,17 @@ method steps are: <p>If <var>attribute</var> is null, then: <ol> - <li><p>If <var>force</var> is not given or is true, create an <a>attribute</a> whose + <li><p>Set <var>attribute</var> to an <a>attribute</a> whose The TT-check in Chromium's `toggleAttribute` was unintentional. It came about as a side effect of how `toggleAttribute` was implemented on top of other methods. We can't come up with any XSS based on `toggleAttribute`. It'd probably be best to remove it from the PR, and that we fix our implementation on our end. -- Reply to this email directly or view it on GitHub: https://github.com/whatwg/dom/pull/1268#discussion_r1610369597 You are receiving this because you are subscribed to this thread. Message ID: <whatwg/dom/pull/1268/review/2071885443@github.com>
Received on Wednesday, 22 May 2024 17:14:26 UTC