Title: [94111] trunk
- Revision
- 94111
- Author
- [email protected]
- Date
- 2011-08-30 14:27:03 -0700 (Tue, 30 Aug 2011)
Log Message
PreloadScanner shouldn't load images inside noscript via doc.write
https://bugs.webkit.org/show_bug.cgi?id=67214
Reviewed by Adam Barth.
Source/WebCore:
The problem was that the tokenizer state was lost between each call to document.write.
This works around that bug by making all document.write()s in the same script block share
the same tokenizer state.
Test: fast/preloader/document-write-noscript.html
* html/parser/HTMLDocumentParser.cpp:
(WebCore::HTMLDocumentParser::~HTMLDocumentParser):
(WebCore::HTMLDocumentParser::detach):
(WebCore::HTMLDocumentParser::insert):
* html/parser/HTMLDocumentParser.h:
LayoutTests:
* fast/preloader/document-write-noscript-expected.txt: Added.
* fast/preloader/document-write-noscript.html: Added.
Modified Paths
Added Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (94110 => 94111)
--- trunk/LayoutTests/ChangeLog 2011-08-30 21:25:23 UTC (rev 94110)
+++ trunk/LayoutTests/ChangeLog 2011-08-30 21:27:03 UTC (rev 94111)
@@ -1,3 +1,13 @@
+2011-08-30 Tony Gentilcore <[email protected]>
+
+ PreloadScanner shouldn't load images inside noscript via doc.write
+ https://bugs.webkit.org/show_bug.cgi?id=67214
+
+ Reviewed by Adam Barth.
+
+ * fast/preloader/document-write-noscript-expected.txt: Added.
+ * fast/preloader/document-write-noscript.html: Added.
+
2011-08-30 Abhishek Arya <[email protected]>
Style not updated for table parts in :before, :after content.
Added: trunk/LayoutTests/fast/preloader/document-write-noscript-expected.txt (0 => 94111)
--- trunk/LayoutTests/fast/preloader/document-write-noscript-expected.txt (rev 0)
+++ trunk/LayoutTests/fast/preloader/document-write-noscript-expected.txt 2011-08-30 21:27:03 UTC (rev 94111)
@@ -0,0 +1,2 @@
+noscript-image2.png has MIME type image/png
+This test requires DumpRenderTree to see the log of what resources are loaded. It verifies that noscript-image1.png is not loaded because it is in a noscript block and noscript-image2.png is loaded because it is not in a noscript block.
Added: trunk/LayoutTests/fast/preloader/document-write-noscript.html (0 => 94111)
--- trunk/LayoutTests/fast/preloader/document-write-noscript.html (rev 0)
+++ trunk/LayoutTests/fast/preloader/document-write-noscript.html 2011-08-30 21:27:03 UTC (rev 94111)
@@ -0,0 +1,26 @@
+<body>
+<script>
+if (window.layoutTestController) {
+ layoutTestController.dumpAsText();
+ layoutTestController.dumpResourceResponseMIMETypes();
+}
+</script>
+This test requires DumpRenderTree to see the log of what resources are loaded.
+It verifies that noscript-image1.png is not loaded because it is in a noscript block and
+noscript-image2.png is loaded because it is not in a noscript block.
+
+<script>
+ document.write('<script src=""
+ document.write('<noscript>');
+ document.write('<img src=""
+ document.write('</noscript>');
+</script>
+
+<script>
+ document.write('<noscript>');
+</script>
+</noscript>
+<script>
+ document.write('<script src=""
+ document.write('<img src=""
+</script>
Modified: trunk/Source/WebCore/ChangeLog (94110 => 94111)
--- trunk/Source/WebCore/ChangeLog 2011-08-30 21:25:23 UTC (rev 94110)
+++ trunk/Source/WebCore/ChangeLog 2011-08-30 21:27:03 UTC (rev 94111)
@@ -1,3 +1,22 @@
+2011-08-30 Tony Gentilcore <[email protected]>
+
+ PreloadScanner shouldn't load images inside noscript via doc.write
+ https://bugs.webkit.org/show_bug.cgi?id=67214
+
+ Reviewed by Adam Barth.
+
+ The problem was that the tokenizer state was lost between each call to document.write.
+ This works around that bug by making all document.write()s in the same script block share
+ the same tokenizer state.
+
+ Test: fast/preloader/document-write-noscript.html
+
+ * html/parser/HTMLDocumentParser.cpp:
+ (WebCore::HTMLDocumentParser::~HTMLDocumentParser):
+ (WebCore::HTMLDocumentParser::detach):
+ (WebCore::HTMLDocumentParser::insert):
+ * html/parser/HTMLDocumentParser.h:
+
2011-08-30 Dmitry Titov <[email protected]>
https://bugs.webkit.org/show_bug.cgi?id=67210
Modified: trunk/Source/WebCore/html/parser/HTMLDocumentParser.cpp (94110 => 94111)
--- trunk/Source/WebCore/html/parser/HTMLDocumentParser.cpp 2011-08-30 21:25:23 UTC (rev 94110)
+++ trunk/Source/WebCore/html/parser/HTMLDocumentParser.cpp 2011-08-30 21:27:03 UTC (rev 94111)
@@ -105,6 +105,7 @@
ASSERT(!m_parserScheduler);
ASSERT(!m_pumpSessionNestingLevel);
ASSERT(!m_preloadScanner);
+ ASSERT(!m_insertionPreloadScanner);
}
void HTMLDocumentParser::detach()
@@ -116,6 +117,7 @@
// FIXME: It seems wrong that we would have a preload scanner here.
// Yet during fast/dom/HTMLScriptElement/script-load-events.html we do.
m_preloadScanner.clear();
+ m_insertionPreloadScanner.clear();
m_parserScheduler.clear(); // Deleting the scheduler will clear any timers.
}
@@ -326,9 +328,10 @@
if (isWaitingForScripts()) {
// Check the document.write() output with a separate preload scanner as
// the main scanner can't deal with insertions.
- HTMLPreloadScanner preloadScanner(document());
- preloadScanner.appendToEnd(source);
- preloadScanner.scan();
+ if (!m_insertionPreloadScanner)
+ m_insertionPreloadScanner = adoptPtr(new HTMLPreloadScanner(document()));
+ m_insertionPreloadScanner->appendToEnd(source);
+ m_insertionPreloadScanner->scan();
}
endIfDelayed();
@@ -475,6 +478,7 @@
ASSERT(!inScriptExecution());
ASSERT(!m_treeBuilder->isPaused());
+ m_insertionPreloadScanner.clear();
pumpTokenizerIfPossible(AllowYield);
endIfDelayed();
}
Modified: trunk/Source/WebCore/html/parser/HTMLDocumentParser.h (94110 => 94111)
--- trunk/Source/WebCore/html/parser/HTMLDocumentParser.h 2011-08-30 21:25:23 UTC (rev 94110)
+++ trunk/Source/WebCore/html/parser/HTMLDocumentParser.h 2011-08-30 21:27:03 UTC (rev 94111)
@@ -150,6 +150,7 @@
OwnPtr<HTMLScriptRunner> m_scriptRunner;
OwnPtr<HTMLTreeBuilder> m_treeBuilder;
OwnPtr<HTMLPreloadScanner> m_preloadScanner;
+ OwnPtr<HTMLPreloadScanner> m_insertionPreloadScanner;
OwnPtr<HTMLParserScheduler> m_parserScheduler;
HTMLSourceTracker m_sourceTracker;
XSSAuditor m_xssAuditor;
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes
