Title: [239642] trunk
- Revision: 239642
- Author: bfulg...@apple.com
- Date: 2019-01-04 15:42:32 -0800 (Fri, 04 Jan 2019)
Log Message
Parsed protocol of _javascript_ URLs with embedded newlines and carriage returns do not match parsed protocol in Chrome and Firefox
https://bugs.webkit.org/show_bug.cgi?id=193155
<rdar://problem/40230982>
Reviewed by Chris Dumez.
Source/WebCore:
Test: fast/loader/comment-only-_javascript_-url.html
Make a special case for URLs beginning with '_javascript_:'. We should always
treat these as JS URLs, even if the content contained within the URL
string might match other parts of the URL parsing spec.
* html/URLUtils.h:
(WebCore::URLUtils<T>::protocol const):
LayoutTests:
* fast/loader/comment-only-_javascript_-url-expected.txt: Added.
* fast/loader/comment-only-_javascript_-url.html: Added.
Diff
Modified: trunk/LayoutTests/ChangeLog (239641 => 239642)
--- trunk/LayoutTests/ChangeLog 2019-01-04 22:59:52 UTC (rev 239641)
+++ trunk/LayoutTests/ChangeLog 2019-01-04 23:42:32 UTC (rev 239642)
@@ -1,3 +1,14 @@
+2019-01-04 Brent Fulgham <bfulg...@apple.com>
+
+ Parsed protocol of _javascript_ URLs with embedded newlines and carriage returns do not match parsed protocol in Chrome and Firefox
+ https://bugs.webkit.org/show_bug.cgi?id=193155
+ <rdar://problem/40230982>
+
+ Reviewed by Chris Dumez.
+
+ * fast/loader/comment-only-_javascript_-url-expected.txt: Added.
+ * fast/loader/comment-only-_javascript_-url.html: Added.
+
2019-01-04 Jer Noble <jer.no...@apple.com>
Web Content process main thread blocked beneath ImageDecoderAVFObjC::readSamples for many seconds on imgur.com
Added: trunk/LayoutTests/fast/loader/comment-only-_javascript_-url-expected.txt (0 => 239642)
--- trunk/LayoutTests/fast/loader/comment-only-_javascript_-url-expected.txt (rev 0)
+++ trunk/LayoutTests/fast/loader/comment-only-_javascript_-url-expected.txt 2019-01-04 23:42:32 UTC (rev 239642)
@@ -0,0 +1,18 @@
+ALERT: 0
+ALERT: 1
+ALERT: 2
+ALERT: 3
+ALERT: 4
+ALERT: 5
+ALERT: 6
+Tests that we properly handle _javascript_ URLs containing comment characters, newlines, and carriage returns.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS No _javascript_ URLs executed.
+PASS _javascript_ URLs were executed.
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
Added: trunk/LayoutTests/fast/loader/comment-only-_javascript_-url.html (0 => 239642)
--- trunk/LayoutTests/fast/loader/comment-only-_javascript_-url.html (rev 0)
+++ trunk/LayoutTests/fast/loader/comment-only-_javascript_-url.html 2019-01-04 23:42:32 UTC (rev 239642)
@@ -0,0 +1,66 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script src=""
+<script>
+if (window.testRunner) {
+ testRunner.waitUntilDone();
+ testRunner.dumpAsText();
+}
+jsTestIsAsync = true;
+var count = 0;
+</script>
+</head>
+<body>
+<script>
+function filtered(url){
+ var parser = document.createElement('a');
+ parser.href = ""
+ if (parser.protocol.indexOf("_javascript_") == -1) {
+ parser.click();
+ }
+}
+
+function unfiltered(url){
+ var parser = document.createElement('a');
+ parser.href = ""
+ if (parser.protocol === "_javascript_:") {
+ parser.click();
+ };
+}
+
+description("Tests that we properly handle _javascript_ URLs containing comment characters, newlines, and carriage returns.");
+
+let cases = [ "_javascript_:alert(count); ++count;",
+ "_javascript_:// A fun test%0aalert(count); ++count;",
+ "_javascript_://:%0aalert(count); ++count;",
+ "_javascript_://:%0dalert(count); ++count;",
+ "_javascript_://:%0a%0dalert(count); ++count;",
+ "_javascript_://%0a://%0dalert(count); ++count;",
+ "_javascript_://%0d//:%0aalert(count); ++count;"
+];
+
+for (var c in cases)
+ filtered(cases[c]);
+
+setTimeout(function () {
+ if (!count)
+ testPassed("No _javascript_ URLs executed.");
+ else
+ testFailed("_javascript_ URLs were executed.")
+
+ for (var c in cases)
+ unfiltered(cases[c]);
+
+ setTimeout(function() {
+ if (count == cases.length)
+ testPassed("_javascript_ URLs were executed.")
+ else
+ testFailed("No _javascript_ URLs executed.");
+
+ finishJSTest();
+ }, 0);
+}, 0);
+</script>
+</body>
+</html>
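Review bot: In the second phase of the test, the `else` branch reports `testFailed("No _javascript_ URLs executed.")` whenever `count != cases.length`, so a run in which only some of the seven URLs executed is reported as none having executed, and the first phase's failure text likewise does not say how many ran. Include `count` and `cases.length` in both failure messages so a regression on a single case can be identified from the output. Minor style points: `for (var c in cases)` iterates an array with for-in, the `if` block in `unfiltered()` ends with a stray `};`, and the `testFailed(...)` call in the first phase and the `testPassed(...)` call in the second lack a trailing semicolon.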
Modified: trunk/Source/WebCore/ChangeLog (239641 => 239642)
--- trunk/Source/WebCore/ChangeLog 2019-01-04 22:59:52 UTC (rev 239641)
+++ trunk/Source/WebCore/ChangeLog 2019-01-04 23:42:32 UTC (rev 239642)
@@ -1,3 +1,20 @@
+2019-01-04 Brent Fulgham <bfulg...@apple.com>
+
+ Parsed protocol of _javascript_ URLs with embedded newlines and carriage returns do not match parsed protocol in Chrome and Firefox
+ https://bugs.webkit.org/show_bug.cgi?id=193155
+ <rdar://problem/40230982>
+
+ Reviewed by Chris Dumez.
+
+ Test: fast/loader/comment-only-_javascript_-url.html
+
+ Make a special case for URLs beginning with '_javascript_:'. We should always
+ treat these as JS URLs, even if the content contained within the URL
+ string might match other parts of the URL parsing spec.
+
+ * html/URLUtils.h:
+ (WebCore::URLUtils<T>::protocol const):
+
2019-01-04 Jer Noble <jer.no...@apple.com>
[WebKitLegacy] Media playback pauses on scroll
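Review bot: The description in this entry does not say what `protocol()` returned for these URLs before the change, nor which "other parts of the URL parsing spec" the embedded content was matching. One sentence giving the previous return value for an input such as the `//:%0a` test case, and noting that script which checks `protocol` before following a link (as `filtered()` in the new test does) depends on that answer, would make the entry understandable without opening the bug.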
Modified: trunk/Source/WebCore/html/URLUtils.h (239641 => 239642)
--- trunk/Source/WebCore/html/URLUtils.h 2019-01-04 22:59:52 UTC (rev 239641)
+++ trunk/Source/WebCore/html/URLUtils.h 2019-01-04 23:42:32 UTC (rev 239642)
@@ -90,6 +90,8 @@
template <typename T>
String URLUtils<T>::protocol() const
{
+ if (WTF::protocolIsJavaScript(href()))
+ return "_javascript_:"_s;
return makeString(href().protocol(), ':');
}
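Review bot: The early return added to `URLUtils<T>::protocol()` carries no comment, and it makes this accessor disagree with `href().protocol()`, which the fall-through line still uses unchanged. Add a comment above `if (WTF::protocolIsJavaScript(href()))` that points at the bug and says why the parsed scheme is not used for these URLs, and confirm whether other callers that read `href().protocol()` directly need the same answer; if they do, the check belongs in the URL parser rather than in this one accessor.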