fix(core): validate security-sensitive attributes in i18n bindings (#68468)

alan-agius4 · alxhub · commit 97eeb45cfa5f · 2026-05-06T14:43:09.000-07:00
Ensures that security-sensitive attributes (e.g., sandbox, allow) are correctly validated when applied through i18n-* dynamic attribute bindings, preventing potential policy bypasses. Closes #68418 PR Close #68468
diff --git a/packages/core/src/render3/i18n/i18n_parse.ts b/packages/core/src/render3/i18n/i18n_parse.ts
@@ -17,6 +17,10 @@ import {
 } from '../../sanitization/html_sanitizer';
 import {getInertBodyHelper} from '../../sanitization/inert_body';
 import {_sanitizeUrl} from '../../sanitization/url_sanitizer';
+import {
+  ɵɵvalidateAttribute as _validateAttribute,
+  SECURITY_SENSITIVE_ELEMENTS,
+} from '../../sanitization/sanitization';
 import {
   assertDefined,
   assertEqual,
@@ -388,7 +392,7 @@ export function i18nAttributesFirstPass(tView: TView, index: number, values: str
           previousElementIndex,
           attrName,
           countBindings(updateOpCodes),
-          SENSITIVE_ATTRS[attrName.toLowerCase()] ? _sanitizeUrl : null,
+          i18nSanitizeAttribute(attrName),
         );
       }
     }
@@ -816,7 +820,7 @@ function walkIcuTree(
                   newIndex,
                   attr.name,
                   0,
-                  SENSITIVE_ATTRS[lowerAttrName] ? _sanitizeUrl : null,
+                  i18nSanitizeAttribute(lowerAttrName),
                 );
               } else {
                 ngDevMode &&
@@ -969,3 +973,31 @@ function addCreateAttribute(
 ) {
   create.push((newIndex << IcuCreateOpCode.SHIFT_REF) | IcuCreateOpCode.Attr, attrName, attrValue);
 }
+
+/**
+ * Caches all keys of `SECURITY_SENSITIVE_ELEMENTS` in a Set to avoid recomputing
+ * or scanning them on every invocation.
+ */
+const SECURITY_SENSITIVE_ATTRS: ReadonlySet<string> = /* @__PURE__ */ (() =>
+  new Set(
+    Object.values(SECURITY_SENSITIVE_ELEMENTS).flatMap((attrs) => (attrs ? [...attrs.keys()] : [])),
+  ))();
+
+/**
+ * Returns a sanitizer for the given attribute name or null if the attribute is not security sensitive.
+ *
+ * @param attrName The name of the attribute to sanitize.
+ * @returns The sanitizer for the given attribute name.
+ */
+function i18nSanitizeAttribute(attrName: string): SanitizerFn | null {
+  const lowerAttrName = attrName.toLowerCase();
+  if (SENSITIVE_ATTRS[lowerAttrName]) {
+    return _sanitizeUrl;
+  }
+
+  if (SECURITY_SENSITIVE_ATTRS.has(lowerAttrName)) {
+    return _validateAttribute;
+  }
+
+  return null;
+}
diff --git a/packages/core/test/acceptance/security_spec.ts b/packages/core/test/acceptance/security_spec.ts
@@ -298,6 +298,25 @@ describe('iframe processing', () => {
         });
       });
 
+      it('should error when a translated security-sensitive attribute contains bindings', () => {
+        @Component({
+          selector: 'my-comp',
+          template: `
+            <iframe
+              src="${TEST_IFRAME_URL}"
+              i18n-sandbox
+              sandbox="allow-forms {{ extraPrivileges }}"
+            >
+            </iframe>
+          `,
+        })
+        class IframeComp {
+          extraPrivileges = 'allow-scripts allow-same-origin';
+        }
+
+        expectIframeCreationToFail(IframeComp);
+      });
+
       it('should work when a directive sets a security-sensitive attribute as a static attribute', () => {
         @Directive({
           selector: '[dir]',
