Title: [231933] branches/safari-605-branch
- Revision
- 231933
- Author
- kocsen_ch...@apple.com
- Date
- 2018-05-17 17:17:42 -0700 (Thu, 17 May 2018)
Log Message
Cherry-pick r230533. rdar://problem/40345980
IDN spoofing with Hebrew combining characters
https://bugs.webkit.org/show_bug.cgi?id=184472
<rdar://problem/39148687>
Reviewed by Brent Fulgham.
Source/WebCore:
Covered by new API tests.
* platform/mac/WebCoreNSURLExtras.mm:
(WebCore::isLookalikeCharacter):
Punycode-encode hosts with Hebrew combining marks that look like dots
and Vav with a combining dot above like we do with dotless i and j.
Tools:
* TestWebKitAPI/Tests/WebCore/cocoa/URLExtras.mm:
(TestWebKitAPI::TEST):
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230533 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
Diff
Modified: branches/safari-605-branch/Source/WebCore/ChangeLog (231932 => 231933)
--- branches/safari-605-branch/Source/WebCore/ChangeLog 2018-05-18 00:04:59 UTC (rev 231932)
+++ branches/safari-605-branch/Source/WebCore/ChangeLog 2018-05-18 00:17:42 UTC (rev 231933)
@@ -1,3 +1,46 @@
+2018-05-17 Kocsen Chung <kocsen_ch...@apple.com>
+
+ Cherry-pick r230533. rdar://problem/40345980
+
+ IDN spoofing with Hebrew combining characters
+ https://bugs.webkit.org/show_bug.cgi?id=184472
+ <rdar://problem/39148687>
+
+ Reviewed by Brent Fulgham.
+
+ Source/WebCore:
+
+ Covered by new API tests.
+
+ * platform/mac/WebCoreNSURLExtras.mm:
+ (WebCore::isLookalikeCharacter):
+ Punycode-encode hosts with Hebrew combining marks that look like dots
+ and Vav with a combining dot above like we do with dotless i and j.
+
+ Tools:
+
+ * TestWebKitAPI/Tests/WebCore/cocoa/URLExtras.mm:
+ (TestWebKitAPI::TEST):
+
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230533 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2018-04-10 Alex Christensen <achristen...@webkit.org>
+
+ IDN spoofing with Hebrew combining characters
+ https://bugs.webkit.org/show_bug.cgi?id=184472
+ <rdar://problem/39148687>
+
+ Reviewed by Brent Fulgham.
+
+ Covered by new API tests.
+
+ * platform/mac/WebCoreNSURLExtras.mm:
+ (WebCore::isLookalikeCharacter):
+ Punycode-encode hosts with Hebrew combining marks that look like dots
+ and Vav with a combining dot above like we do with dotless i and j.
+
2018-05-15 Kocsen Chung <kocsen_ch...@apple.com>
Cherry-pick r231392. rdar://problem/40230018
Modified: branches/safari-605-branch/Source/WebCore/platform/mac/WebCoreNSURLExtras.mm (231932 => 231933)
--- branches/safari-605-branch/Source/WebCore/platform/mac/WebCoreNSURLExtras.mm 2018-05-18 00:04:59 UTC (rev 231932)
+++ branches/safari-605-branch/Source/WebCore/platform/mac/WebCoreNSURLExtras.mm 2018-05-18 00:17:42 UTC (rev 231933)
@@ -206,6 +206,11 @@
case 0x33AF: /* SQUARE RAD OVER S SQUARED */
case 0x33C6: /* SQUARE C OVER KG */
case 0x33DF: /* SQUARE A OVER M */
+ case 0x05B9: /* HEBREW POINT HOLAM */
+ case 0x05BA: /* HEBREW POINT HOLAM HASER FOR VAV */
+ case 0x05C1: /* HEBREW POINT SHIN DOT */
+ case 0x05C2: /* HEBREW POINT SIN DOT */
+ case 0x05C4: /* HEBREW MARK UPPER DOT */
case 0xA731: /* LATIN LETTER SMALL CAPITAL S */
case 0xA771: /* LATIN SMALL LETTER DUM */
case 0xA789: /* MODIFIER LETTER COLON */
@@ -227,7 +232,8 @@
return YES;
case 0x0307: /* COMBINING DOT ABOVE */
return previousCodePoint == 0x0237 /* LATIN SMALL LETTER DOTLESS J */
- || previousCodePoint == 0x0131; /* LATIN SMALL LETTER DOTLESS I */
+ || previousCodePoint == 0x0131 /* LATIN SMALL LETTER DOTLESS I */
+ || previousCodePoint == 0x05D5; /* HEBREW LETTER VAV */
case 0x0548: /* ARMENIAN CAPITAL LETTER VO */
case 0x054D: /* ARMENIAN CAPITAL LETTER SEH */
case 0x0578: /* ARMENIAN SMALL LETTER VO */
Modified: branches/safari-605-branch/Tools/ChangeLog (231932 => 231933)
--- branches/safari-605-branch/Tools/ChangeLog 2018-05-18 00:04:59 UTC (rev 231932)
+++ branches/safari-605-branch/Tools/ChangeLog 2018-05-18 00:17:42 UTC (rev 231933)
@@ -1,3 +1,42 @@
+2018-05-17 Kocsen Chung <kocsen_ch...@apple.com>
+
+ Cherry-pick r230533. rdar://problem/40345980
+
+ IDN spoofing with Hebrew combining characters
+ https://bugs.webkit.org/show_bug.cgi?id=184472
+ <rdar://problem/39148687>
+
+ Reviewed by Brent Fulgham.
+
+ Source/WebCore:
+
+ Covered by new API tests.
+
+ * platform/mac/WebCoreNSURLExtras.mm:
+ (WebCore::isLookalikeCharacter):
+ Punycode-encode hosts with Hebrew combining marks that look like dots
+ and Vav with a combining dot above like we do with dotless i and j.
+
+ Tools:
+
+ * TestWebKitAPI/Tests/WebCore/cocoa/URLExtras.mm:
+ (TestWebKitAPI::TEST):
+
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230533 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2018-04-10 Alex Christensen <achristen...@webkit.org>
+
+ IDN spoofing with Hebrew combining characters
+ https://bugs.webkit.org/show_bug.cgi?id=184472
+ <rdar://problem/39148687>
+
+ Reviewed by Brent Fulgham.
+
+ * TestWebKitAPI/Tests/WebCore/cocoa/URLExtras.mm:
+ (TestWebKitAPI::TEST):
+
2018-05-10 Jason Marcell <jmarc...@apple.com>
Cherry-pick r226610. rdar://problem/39987479
Modified: branches/safari-605-branch/Tools/TestWebKitAPI/Tests/WebCore/cocoa/URLExtras.mm (231932 => 231933)
--- branches/safari-605-branch/Tools/TestWebKitAPI/Tests/WebCore/cocoa/URLExtras.mm 2018-05-18 00:04:59 UTC (rev 231932)
+++ branches/safari-605-branch/Tools/TestWebKitAPI/Tests/WebCore/cocoa/URLExtras.mm 2018-05-18 00:17:42 UTC (rev 231933)
@@ -94,6 +94,13 @@
"xn--ews-nfe.org", // U+054D
"xn--yotube-qkh", // U+0578
"xn--cla-7fe.edu", // U+0578
+ "xn--rsa94l", // U+05D5 U+0307
+ "xn--hdb9c", // U+05D5 U+05B9
+ "xn--idb7c", // U+05D5 U+05BA
+ "xn--pdb3b", // U+05D5 U+05C1
+ "xn--qdb1b", // U+05D5 U+05C2
+ "xn--sdb7a", // U+05D5 U+05C4
+ "xn--2-zic", // U+0032 U+05E1
};
for (const String& host : punycodedSpoofHosts) {
auto url = "" host, "/").utf8();
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
