Title: [231828] branches/safari-605-branch/Source/WebCore
Revision: 231828
Author: [email protected]
Date: 2018-05-15 18:41:54 -0700 (Tue, 15 May 2018)
Log Message
Cherry-pick r230983. rdar://problem/39988114

Release assert in ScriptController::canExecuteScripts via CachedSVGFont::ensureCustomFontData during
Document::updateStyleIfNeeded
https://bugs.webkit.org/show_bug.cgi?id=184950

Reviewed by Zalan Bujtas.

Convert an existing ScriptDisallowedScope::EventAllowedScope which only disables the debug assertions
by ScriptDisallowedScope::DisableAssertionsInScope which also disables the release assertion.

Because SVG font is loaded in a document isolated from the rest of the page (m_externalSVGDocument),
there is no security implication to execute scripts in this isolated document.

Unfortunately, no new tests. I could never make CachedSVGFont::ensureCustomFontData to get called inside
style resolution with m_externalSVGDocument set to nullptr after many attempts. Even EventAllowedScope
I added 13 months ago in r211965, which this patch replaces by DisableAssertionsInScope, is not utilized
by the existing layout tests since removing the assertion doesn't cause any layout test to hit an assertion.

* dom/ScriptDisallowedScope.h: Updated the comment.
* loader/cache/CachedSVGFont.cpp:
(WebCore::CachedSVGFont::ensureCustomFontData): Replaced the assertion.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230983 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Diff
Modified: branches/safari-605-branch/Source/WebCore/ChangeLog (231827 => 231828)
--- branches/safari-605-branch/Source/WebCore/ChangeLog 2018-05-16 01:41:52 UTC (rev 231827)
+++ branches/safari-605-branch/Source/WebCore/ChangeLog 2018-05-16 01:41:54 UTC (rev 231828)
@@ -1,3 +1,54 @@
+2018-05-15 Kocsen Chung <[email protected]>
+
+ Cherry-pick r230983. rdar://problem/39988114
+
+ Release assert in ScriptController::canExecuteScripts via CachedSVGFont::ensureCustomFontData during
+ Document::updateStyleIfNeeded
+ https://bugs.webkit.org/show_bug.cgi?id=184950
+
+ Reviewed by Zalan Bujtas.
+
+ Convert an existing ScriptDisallowedScope::EventAllowedScope which only disables the debug assertions
+ by ScriptDisallowedScope::DisableAssertionsInScope which also disables the release assertion.
+
+ Because SVG font is loaded in a document isolated from the rest of the page (m_externalSVGDocument),
+ there is no security implication to execute scripts in this isolated document.
+
+ Unfortunately, no new tests. I could never make CachedSVGFont::ensureCustomFontData to get called inside
+ style resolution with m_externalSVGDocument set to nullptr after many attempts. Even EventAllowedScope
+ I added 13 months ago in r211965, which this patch replaces by DisableAssertionsInScope, is not utilized
+ by the existing layout tests since removing the assertion doesn't cause any layout test to hit an assertion.
+
+ * dom/ScriptDisallowedScope.h: Updated the comment.
+ * loader/cache/CachedSVGFont.cpp:
+ (WebCore::CachedSVGFont::ensureCustomFontData): Replaced the asssertion.
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230983 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2018-04-24 Ryosuke Niwa <[email protected]>
+
+ Release assert in ScriptController::canExecuteScripts via CachedSVGFont::ensureCustomFontData during
+ Document::updateStyleIfNeeded
+ https://bugs.webkit.org/show_bug.cgi?id=184950
+
+ Reviewed by Zalan Bujtas.
+
+ Convert an existing ScriptDisallowedScope::EventAllowedScope which only disables the debug assertions
+ by ScriptDisallowedScope::DisableAssertionsInScope which also disables the release assertion.
+
+ Because SVG font is loaded in a document isolated from the rest of the page (m_externalSVGDocument),
+ there is no security implication to execute scripts in this isolated document.
+
+ Unfortunately, no new tests. I could never make CachedSVGFont::ensureCustomFontData to get called inside
+ style resolution with m_externalSVGDocument set to nullptr after many attempts. Even EventAllowedScope
+ I added 13 months ago in r211965, which this patch replaces by DisableAssertionsInScope, is not utilized
+ by the existing layout tests since removing the assertion doesn't cause any layout test to hit an assertion.
+
+ * dom/ScriptDisallowedScope.h: Updated the comment.
+ * loader/cache/CachedSVGFont.cpp:
+ (WebCore::CachedSVGFont::ensureCustomFontData): Replaced the asssertion.
+
2018-05-09 Jason Marcell <[email protected]>
Cherry-pick r231516. rdar://problem/40096750
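Review bot: The entry added at the top of this hunk says "Unfortunately, no new tests" and that the existing layout tests do not reach this path, so the branch takes a change to a release assertion with no automated coverage; the entry should at least record how the fix was verified against bug 184950. The line "(WebCore::CachedSVGFont::ensureCustomFontData): Replaced the asssertion." has a typo ("asssertion") and would be more accurate as a description of the scope object being swapped, since that is what the CachedSVGFont.cpp change does.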
Modified: branches/safari-605-branch/Source/WebCore/dom/ScriptDisallowedScope.h (231827 => 231828)
--- branches/safari-605-branch/Source/WebCore/dom/ScriptDisallowedScope.h 2018-05-16 01:41:52 UTC (rev 231827)
+++ branches/safari-605-branch/Source/WebCore/dom/ScriptDisallowedScope.h 2018-05-16 01:41:54 UTC (rev 231828)
@@ -129,7 +129,8 @@
};
#endif
- // FIXME: Remove this class once the sync layout inside SVGImage::draw is removed
+ // FIXME: Remove this class once the sync layout inside SVGImage::draw is removed,
+ // CachedSVGFont::ensureCustomFontData no longer synchronously creates a document during style resolution,
// and refactored the code in RenderFrameBase::performLayoutWithFlattening.
class DisableAssertionsInScope {
public:
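Review bot: The extended FIXME above DisableAssertionsInScope lists three removal conditions that are not grammatically parallel: "and refactored the code in RenderFrameBase::performLayoutWithFlattening" does not follow from "once ... is removed, ... no longer synchronously creates a document". Rewording the last clause to something like "and the code in RenderFrameBase::performLayoutWithFlattening is refactored" would make the conditions unambiguous. Since this class turns off a security-relevant assertion, the FIXME would also benefit from a bug URL for each condition so that the remaining callers can be tracked.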
Modified: branches/safari-605-branch/Source/WebCore/loader/cache/CachedSVGFont.cpp (231827 => 231828)
--- branches/safari-605-branch/Source/WebCore/loader/cache/CachedSVGFont.cpp 2018-05-16 01:41:52 UTC (rev 231827)
+++ branches/safari-605-branch/Source/WebCore/loader/cache/CachedSVGFont.cpp 2018-05-16 01:41:54 UTC (rev 231828)
@@ -75,7 +75,7 @@
m_externalSVGDocument = SVGDocument::create(nullptr, URL());
auto decoder = TextResourceDecoder::create("application/xml");
- ScriptDisallowedScope::EventAllowedScope allowedScope(*m_externalSVGDocument);
+ ScriptDisallowedScope::DisableAssertionsInScope disabledScope;
m_externalSVGDocument->setContent(decoder->decodeAndFlush(m_data->data(), m_data->size()));
sawError = decoder->sawError();
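Review bot: The replacement line "ScriptDisallowedScope::DisableAssertionsInScope disabledScope;" is constructed with no document argument, whereas the removed EventAllowedScope was bound to *m_externalSVGDocument, so nothing at this call site ties the relaxed assertion to the isolated document that the log message relies on for its "no security implication" argument. A short comment here stating that the scope exists only for the setContent call on m_externalSVGDocument would preserve that reasoning in the code. The object also stays alive past setContent, through "sawError = decoder->sawError();" and to the end of the enclosing block; wrapping only the setContent call in its own braces would keep the window in which assertions are disabled as small as possible.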