Hello, Blink!
I'm fixing a bug in the permissions policy parser (https://crbug.com/1319389)
where we currently don't (but should) allow newlines, tabs, and form feeds
to separate tokens in an "allow" attribute. (We allow them basically
everywhere else that spaces are allowed in HTML documents; this was an
error in just the permissions policy parser.)
A quick scan of HTTP Archive shows 378 urls that would be affected by this;
in nearly every case, the attribute value is broken up with newlines after
semicolons, and so the first feature after each newline is not
currently recognized.
For instance, we see cases like this:
allow="accelerometer;
autoplay; clipboard-write; encrypted-media; gyroscope;
picture-in-picture; web-share"
In this example, "autoplay" and "picture-in-picture" would not be
recognized, as a newline is currently the first non-space character after
the preceding semicolon.
This bug fix will correct this to the expected working behaviour in those
pages. (I mentioned "nearly every case" above, as I found 17 pages in which
the attribute value is broken in some other way -- bad markup -- and this
change will not fix that. There were no cases where I could identify any
unexpected or surprising behaviour change from this fix.)
Re: interop: whitespace in the allow attribute is (at least according to
the bug report) already handled correctly in both Firefox and Safari.
Ian
--
You received this message because you are subscribed to the Google Groups
"blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAK_TSXJtPeFnY-Dh_e1qFvfSK8ozsKGD9%3Dem-0Okj2fmbRXMLg%40mail.gmail.com.
