[webkit-changes] [235808] trunk

[commit-queue]

Title: [235808] trunk

Revision

235808

Author

commit-qu...@webkit.org

Date

2018-09-07 14:43:35 -0700 (Fri, 07 Sep 2018)

Log Message

XMLHttpRequest: open() does not throw a SYNTAX_ERR exception if method is empty or url cannot be resolved
https://bugs.webkit.org/show_bug.cgi?id=46008

Patch by Rob Buis <rb...@igalia.com> on 2018-09-07
Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

* web-platform-tests/xhr/open-url-bogus-expected.txt:
* web-platform-tests/xhr/open-url-multi-window-6-expected.txt:

Source/WebCore:

Check if passed URL is valid as specified here [1].

Test: web-platform-tests/xhr/open-url-bogus.htm

[1] https://xhr.spec.whatwg.org/#the-open()-method Step 7

* xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::open):

Modified Paths

• trunk/LayoutTests/imported/w3c/ChangeLog
• trunk/LayoutTests/imported/w3c/web-platform-tests/xhr/open-url-bogus-expected.txt
• trunk/LayoutTests/imported/w3c/web-platform-tests/xhr/open-url-multi-window-6-expected.txt
• trunk/Source/WebCore/ChangeLog
• trunk/Source/WebCore/xml/XMLHttpRequest.cpp

Diff

Modified: trunk/LayoutTests/imported/w3c/ChangeLog (235807 => 235808)

--- trunk/LayoutTests/imported/w3c/ChangeLog	2018-09-07 21:29:35 UTC (rev 235807)
+++ trunk/LayoutTests/imported/w3c/ChangeLog	2018-09-07 21:43:35 UTC (rev 235808)
@@ -1,3 +1,13 @@
+2018-09-07  Rob Buis  <rb...@igalia.com>
+
+        XMLHttpRequest: open() does not throw a SYNTAX_ERR exception if method is empty or url cannot be resolved
+        https://bugs.webkit.org/show_bug.cgi?id=46008
+
+        Reviewed by Chris Dumez.
+
+        * web-platform-tests/xhr/open-url-bogus-expected.txt:
+        * web-platform-tests/xhr/open-url-multi-window-6-expected.txt:
+
 2018-09-07  Frederic Wang  <fw...@igalia.com>
 
         [CSSOM View] Handle the scrollingElement in Element::scroll(Left/Top/Width/Height/To)

Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/xhr/open-url-bogus-expected.txt (235807 => 235808)

--- trunk/LayoutTests/imported/w3c/web-platform-tests/xhr/open-url-bogus-expected.txt	2018-09-07 21:29:35 UTC (rev 235807)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/xhr/open-url-bogus-expected.txt	2018-09-07 21:43:35 UTC (rev 235808)
@@ -1,7 +1,7 @@
 
-FAIL XMLHttpRequest: open() - bogus URLs (//[) assert_throws: function "function () { client.open("GET", url) }" did not throw
+PASS XMLHttpRequest: open() - bogus URLs (//[) 
 FAIL XMLHttpRequest: open() - bogus URLs (ftp:) assert_throws: function "function () { client.open("GET", url) }" did not throw
-FAIL XMLHttpRequest: open() - bogus URLs (http://a a/) assert_throws: function "function () { client.open("GET", url) }" did not throw
-FAIL XMLHttpRequest: open() - bogus URLs (http:////////////) assert_throws: function "function () { client.open("GET", url) }" did not throw
-FAIL XMLHttpRequest: open() - bogus URLs (http://u:p@/) assert_throws: function "function () { client.open("GET", url) }" did not throw
+PASS XMLHttpRequest: open() - bogus URLs (http://a a/) 
+PASS XMLHttpRequest: open() - bogus URLs (http:////////////) 
+PASS XMLHttpRequest: open() - bogus URLs (http://u:p@/) 
 

Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/xhr/open-url-multi-window-6-expected.txt (235807 => 235808)

--- trunk/LayoutTests/imported/w3c/web-platform-tests/xhr/open-url-multi-window-6-expected.txt	2018-09-07 21:29:35 UTC (rev 235807)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/xhr/open-url-multi-window-6-expected.txt	2018-09-07 21:43:35 UTC (rev 235808)
@@ -1,3 +1,3 @@
 
-FAIL XMLHttpRequest: open() in document that is not fully active (but may be active) should throw assert_throws: function "function () { client.open("GET", "...") }" did not throw
+FAIL XMLHttpRequest: open() in document that is not fully active (but may be active) should throw assert_throws: function "function () { client.open("GET", "...") }" threw object "SyntaxError: The string did not match the expected pattern." that is not a DOMException InvalidStateError: property "code" is equal to 12, expected 11
 

Modified: trunk/Source/WebCore/ChangeLog (235807 => 235808)

--- trunk/Source/WebCore/ChangeLog	2018-09-07 21:29:35 UTC (rev 235807)
+++ trunk/Source/WebCore/ChangeLog	2018-09-07 21:43:35 UTC (rev 235808)
@@ -1,3 +1,19 @@
+2018-09-07  Rob Buis  <rb...@igalia.com>
+
+        XMLHttpRequest: open() does not throw a SYNTAX_ERR exception if method is empty or url cannot be resolved
+        https://bugs.webkit.org/show_bug.cgi?id=46008
+
+        Reviewed by Chris Dumez.
+
+        Check if passed URL is valid as specified here [1].
+
+        Test: web-platform-tests/xhr/open-url-bogus.htm
+
+        [1] https://xhr.spec.whatwg.org/#the-open()-method Step 7
+
+        * xml/XMLHttpRequest.cpp:
+        (WebCore::XMLHttpRequest::open):
+
 2018-09-07  Frederic Wang  <fw...@igalia.com>
 
         [CSSOM View] Handle the scrollingElement in Element::scroll(Left/Top/Width/Height/To)

Modified: trunk/Source/WebCore/xml/XMLHttpRequest.cpp (235807 => 235808)

--- trunk/Source/WebCore/xml/XMLHttpRequest.cpp	2018-09-07 21:29:35 UTC (rev 235807)
+++ trunk/Source/WebCore/xml/XMLHttpRequest.cpp	2018-09-07 21:43:35 UTC (rev 235808)
@@ -343,6 +343,9 @@
     if (isForbiddenMethod(method))
         return Exception { SecurityError };
 
+    if (!url.isValid())
+        return Exception { SyntaxError };
+
     if (!async && scriptExecutionContext()->isDocument()) {
         // Newer functionality is not available to synchronous requests in window contexts, as a spec-mandated
         // attempt to discourage synchronous XHR use. responseType is one such piece of functionality.

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes