Just to follow-up on two points raised by Daniel:
On 25/06/2022 14:09, Frédéric Wang wrote:
You mentioned fuzzy testing. Do the fuzzing tools have support for
mathml elements? If not, you should probably add a to-do item to
teach them.
MathML has been there for several years so I do expect (naively?) that
fuzzers have some kind of support already. My understanding is that
fuzzing tools can either generate data or "shuffle" from existing
input. For the latter, we have now a bunch of WPT tests with MathML to
feed the fuzzers and I believe these are particularly interesting to
cover edge cases with CSS, JS, etc. For the former, I thought that was
the case for https://github.com/MozillaSecurity/ or
https://github.com/renatahodovan/ but can't find any up-to-date repo
for MathML currently, so I agree we need to work on that.
So we've been contacting various security people doing browser fuzzing
to make sure their tools handle MathML and are aware of MathML Core.
We've also spent some time focusing more precisely on Chromium-related
fuzzing, basically increasing code coverage of "in-process guided
fuzzing" for low-level font modules and teaching MathML Core grammar to
DOM fuzzers. For details please read
https://bugs.chromium.org/p/chromium/issues/detail?id=1340884
What is the situation for developers that learn about this and want
to start using it? Are there good resources for learning how to write
MathML? I think a feature like this also deserves some attention when
it lands. Maybe that will happen by itself, or maybe someone needs to
initiate it. That info should probably also mention initial
limitations like printing, (multi-column?) and non-Core.
Similarly, MathML has been there for a while so there is already a
bunch of resource available about MathML (e.g. MDN to mention the
obvious one) as wellas editors & converters to generate it, polyfills
to cover browser's limitations, etc but I agree they will probably
need a refresh since (1) we implement a core subset (2) we are moving
to an extensible approach based on web technologies (3) there are
chrome-specific bugs like the printing one.
Also started to update MDN e.g.
https://github.com/mdn/content/pull/17735
https://github.com/mdn/content/pull/17812
Of course, we can probably get help from the MathML community to update it.
--
Frédéric Wang
--
You received this message because you are subscribed to the Google Groups
"blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to blink-dev+unsubscr...@chromium.org.
To view this discussion on the web visit
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/f927b8fb-a2a0-efc1-344f-f4f52b99af7c%40igalia.com.
