Skip to site navigation (Press enter)

[webkit-changes] [211067] trunk

achristensen Mon, 23 Jan 2017 15:26:55 -0800

Title: [211067] trunk

Revision: 211067
Author: [email protected]
Date: 2017-01-23 15:26:55 -0800 (Mon, 23 Jan 2017)

Log Message

URLParser should fail to parse percent-encoded invalid UTF-8 sequences
https://bugs.webkit.org/show_bug.cgi?id=167330
Source/WebCore:


<rdar://problem/29319962>

Reviewed by Tim Horton.

Covered by new API tests.

* platform/URLParser.cpp:
(WebCore::containsOnlyASCII):
(WebCore::URLParser::parseHostAndPort):
If UTF-8 decoding fails after percent-decoding the host, fail to parse.
This matches Chrome and Firefox, and it was proposed to the spec in https://github.com/whatwg/url/issues/215

Tools:


Reviewed by Tim Horton.

* TestWebKitAPI/Tests/WebCore/URLParser.cpp:
(TestWebKitAPI::TEST_F):

Modified Paths

trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/platform/URLParser.cpp
trunk/Tools/ChangeLog
trunk/Tools/TestWebKitAPI/Tests/WebCore/URLParser.cpp

Diff

Modified: trunk/Source/WebCore/ChangeLog (211066 => 211067)


--- trunk/Source/WebCore/ChangeLog	2017-01-23 23:22:27 UTC (rev 211066)
+++ trunk/Source/WebCore/ChangeLog	2017-01-23 23:26:55 UTC (rev 211067)
@@ -1,5 +1,21 @@
 2017-01-23  Alex Christensen  <[email protected]>
 
+        URLParser should fail to parse percent-encoded invalid UTF-8 sequences
+        https://bugs.webkit.org/show_bug.cgi?id=167330
+        <rdar://problem/29319962>
+
+        Reviewed by Tim Horton.
+
+        Covered by new API tests.
+
+        * platform/URLParser.cpp:
+        (WebCore::containsOnlyASCII):
+        (WebCore::URLParser::parseHostAndPort):
+        If UTF-8 decoding fails after percent-decoding the host, fail to parse.
+        This matches Chrome and Firefox, and it was proposed to the spec in https://github.com/whatwg/url/issues/215
+
+2017-01-23  Alex Christensen  <[email protected]>
+
         Make URLs with non-special schemes and a query or fragment but no slash after the host more compatible
         https://bugs.webkit.org/show_bug.cgi?id=167317
         <rdar://problem/29526875>

Modified: trunk/Source/WebCore/platform/URLParser.cpp (211066 => 211067)


--- trunk/Source/WebCore/platform/URLParser.cpp	2017-01-23 23:22:27 UTC (rev 211066)
+++ trunk/Source/WebCore/platform/URLParser.cpp	2017-01-23 23:26:55 UTC (rev 211067)
@@ -2464,6 +2464,7 @@
 
 ALWAYS_INLINE static bool containsOnlyASCII(const String& string)
 {
+    ASSERT(!string.isNull());
     if (string.is8Bit())
         return charactersAreAllASCII(string.characters8(), string.length());
     return charactersAreAllASCII(string.characters16(), string.length());
@@ -2681,6 +2682,8 @@
     }
     Vector<LChar, defaultInlineBufferSize> percentDecoded = percentDecode(utf8Encoded.data(), utf8Encoded.size(), hostBegin);
     String domain = String::fromUTF8(percentDecoded.data(), percentDecoded.size());
+    if (domain.isNull())
+        return false;
     if (domain != StringView(percentDecoded.data(), percentDecoded.size()))
         syntaxViolation(hostBegin);
     auto asciiDomain = domainToASCII(domain, hostBegin);

Modified: trunk/Tools/ChangeLog (211066 => 211067)


--- trunk/Tools/ChangeLog	2017-01-23 23:22:27 UTC (rev 211066)
+++ trunk/Tools/ChangeLog	2017-01-23 23:26:55 UTC (rev 211067)
@@ -1,5 +1,15 @@
 2017-01-23  Alex Christensen  <[email protected]>
 
+        URLParser should fail to parse percent-encoded invalid UTF-8 sequences
+        https://bugs.webkit.org/show_bug.cgi?id=167330
+
+        Reviewed by Tim Horton.
+
+        * TestWebKitAPI/Tests/WebCore/URLParser.cpp:
+        (TestWebKitAPI::TEST_F):
+
+2017-01-23  Alex Christensen  <[email protected]>
+
         Make URLs with non-special schemes and a query or fragment but no slash after the host more compatible
         https://bugs.webkit.org/show_bug.cgi?id=167317

Modified: trunk/Tools/TestWebKitAPI/Tests/WebCore/URLParser.cpp (211066 => 211067)


--- trunk/Tools/TestWebKitAPI/Tests/WebCore/URLParser.cpp	2017-01-23 23:22:27 UTC (rev 211066)
+++ trunk/Tools/TestWebKitAPI/Tests/WebCore/URLParser.cpp	2017-01-23 23:26:55 UTC (rev 211067)
@@ -787,7 +787,12 @@
     checkURLDifferences("file:pAtH/",
         {"file", "", "", "", 0, "/pAtH/", "", "", "file:///pAtH/"},
         {"file", "", "", "", 0, "pAtH/", "", "", "file://pAtH/"});
-    
+    checkURLDifferences("http://example.com%A0",
+        {"", "", "", "", 0, "", "", "", "http://example.com%A0"},
+        {"http", "", "", "example.com%a0", 0, "/", "", "", "http://example.com%a0/"});
+    checkURLDifferences("http://%E2%98%83",
+        {"http", "", "", "xn--n3h", 0, "/", "", "", "http://xn--n3h/"},
+        {"http", "", "", "%e2%98%83", 0, "/", "", "", "http://%e2%98%83/"});
     checkURLDifferences("http://host%73",
         {"http", "", "", "hosts", 0, "/", "", "", "http://hosts/"},
         {"http", "", "", "host%73", 0, "/", "", "", "http://host%73/"});

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes