W3C home > Mailing lists > Public > www-math@w3.org > December 2015

Re: Is MathML really Dangerous?

From: William F Hammond <hammond@csc.albany.edu>
Date: Sat, 05 Dec 2015 12:57:12 -0500
To: Paul Topping <pault@dessci.com>
Cc: "www-math@w3.org" <www-math@w3.org>
Message-ID: <i7lh987p8n.fsf@hilbert.math.albany.edu>
Paul Topping <pault@dessci.com> writes:

> This reminds me that the Chrome team ripped out the MathML
> support code from their Blink engine when it was forked
> from WebKit over two years ago. If I recall correctly,
> they said it was for "security reasons" and that they
> didn't have resources that could ensure that the code
> didn't have security vulnerabilities.

The concern at Chrome was with their code implementation,
not with the security of MathML.
 
https://code.google.com/p/chromium/issues/detail?id=152430

I believe that the code had been fixed.  At the time I think
there were also issues of rendering quality.  As I
understand it, the code had been written at little or no
cost to Chrome, and the time had arrived for investment.
Chrome did not want to invest, and they appear to have used
the security concern as an excuse for backing out.

                                    -- Bill

---
William F Hammond
whammond@albany·edu
http://www.albany.edu/~hammond/
Received on Saturday, 5 December 2015 17:57:39 UTC

This archive was generated by hypermail 2.3.1 : Saturday, 5 December 2015 17:57:40 UTC