From 7e60482d8090a43e00957f3d6fc87f31d7ea65a1 Mon Sep 17 00:00:00 2001 From: Moonchild Date: Mon, 13 Nov 2023 19:28:44 +0100 Subject: No issue - Stop supporting data: scheme in SVG elements. --- dom/svg/SVGUseElement.cpp | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/dom/svg/SVGUseElement.cpp b/dom/svg/SVGUseElement.cpp index acd8941b4e..8da90634ad 100644 --- a/dom/svg/SVGUseElement.cpp +++ b/dom/svg/SVGUseElement.cpp @@ -426,6 +426,17 @@ SVGUseElement::LookupHref() nsCOMPtr targetURI; nsContentUtils::NewURIWithDocumentCharset(getter_AddRefs(targetURI), href, GetComposedDoc(), baseURI); + + // Do not allow 'data:' schemes in elements. + // See spec update: https://github.com/w3c/svgwg/pull/901 + if (targetURI) { + bool isData; + mozilla::Unused << targetURI->SchemeIs("data", &isData); + if (isData) { + return; + } + } + mSource.Reset(this, targetURI); } -- cgit v1.2.3