Fil
commented
7 months ago It seems that the code is correctly answering this on line 20 by switching to the ownerSVG, if any:
e = e.ownerSVGElement || e;
Closed BobGneu closed 7 months ago
Fil
commented
7 months ago It seems that the code is correctly answering this on line 20 by switching to the ownerSVG, if any:
e = e.ownerSVGElement || e;
Good day!
It looks like in
zoom.jsthe type check at the head of the function is for anSVGElement, but it ought to be theSVGSVGElement.https://github.com/d3/d3-zoom/blob/main/src/zoom.js#L17-L28
Per the definition on the MDN this results in an opportunity for misuse to result in an element being passed in that is not the outermost SVG element.
https://developer.mozilla.org/en-US/docs/Web/API/SVGSVGElement https://developer.mozilla.org/en-US/docs/Web/API/SVGElement
Also noticed that the repo has not had its open PRs merged in in some time. If the there is a maintainer around and interest I can get a PR in for review later in the week. Looks like it should be a really quick changeset.