[Webkit-unassigned] [Bug 124128] [regression] foreign content not displayed in MathML
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Nov 11 08:47:23 PST 2013
https://bugs.webkit.org/show_bug.cgi?id=124128
--- Comment #9 from Brent Fulgham <bfulgham at webkit.org> 2013-11-11 08:46:05 PST ---
Mixing arbitrary markup with MathML was introducing a case where non-MathML nodes were being interpreted as MathML. This could pose a security risk.
Based on the language in http://www.w3.org/TR/MathML/chapter6.html#world-int-combine-other, it seemed like allowing arbitrary markup inside MathML documents was not intended to work. Indeed, the MathML validator at W3C (http://validator.w3.org) rejects example with non-MathML markup inside the MathML document.
For these reasons, I turned off the ability to host non-MathML inside a document as part of the security fix https://bugs.webkit.org/show_bug.cgi?id=121728
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list