Title: [239949] releases/WebKitGTK/webkit-2.22
- Revision: 239949
- Author: [email protected]
- Date: 2019-01-14 14:23:26 -0800 (Mon, 14 Jan 2019)
Log Message

Merge r239642 - Parsed protocol of _javascript_ URLs with embedded newlines and carriage returns do not match parsed protocol in Chrome and Firefox
https://bugs.webkit.org/show_bug.cgi?id=193155
<rdar://problem/40230982>

Reviewed by Chris Dumez.

Source/WebCore:

Test: fast/loader/comment-only-_javascript_-url.html

Make a special case for URLs beginning with '_javascript_:'. We should always
treat these as JS URLs, even if the content contained within the URL
string might match other parts of the URL parsing spec.

* html/URLUtils.h:
(WebCore::URLUtils<T>::protocol const):

LayoutTests:

* fast/loader/comment-only-_javascript_-url-expected.txt: Added.
* fast/loader/comment-only-_javascript_-url.html: Added.
Diff
Modified: releases/WebKitGTK/webkit-2.22/LayoutTests/ChangeLog (239948 => 239949)
--- releases/WebKitGTK/webkit-2.22/LayoutTests/ChangeLog 2019-01-14 22:19:50 UTC (rev 239948)
+++ releases/WebKitGTK/webkit-2.22/LayoutTests/ChangeLog 2019-01-14 22:23:26 UTC (rev 239949)
@@ -1,3 +1,14 @@
+2019-01-04 Brent Fulgham <[email protected]>
+
+ Parsed protocol of _javascript_ URLs with embedded newlines and carriage returns do not match parsed protocol in Chrome and Firefox
+ https://bugs.webkit.org/show_bug.cgi?id=193155
+ <rdar://problem/40230982>
+
+ Reviewed by Chris Dumez.
+
+ * fast/loader/comment-only-_javascript_-url-expected.txt: Added.
+ * fast/loader/comment-only-_javascript_-url.html: Added.
+
2018-12-21 Zalan Bujtas <[email protected]>
Synchronous media query evaluation could destroy current Frame/FrameView.
Added: releases/WebKitGTK/webkit-2.22/LayoutTests/fast/loader/comment-only-_javascript_-url-expected.txt (0 => 239949)
--- releases/WebKitGTK/webkit-2.22/LayoutTests/fast/loader/comment-only-_javascript_-url-expected.txt (rev 0)
+++ releases/WebKitGTK/webkit-2.22/LayoutTests/fast/loader/comment-only-_javascript_-url-expected.txt 2019-01-14 22:23:26 UTC (rev 239949)
@@ -0,0 +1,18 @@
+ALERT: 0
+ALERT: 1
+ALERT: 2
+ALERT: 3
+ALERT: 4
+ALERT: 5
+ALERT: 6
+Tests that we properly handle _javascript_ URLs containing comment characters, newlines, and carriage returns.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS No _javascript_ URLs executed.
+PASS _javascript_ URLs were executed.
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
Added: releases/WebKitGTK/webkit-2.22/LayoutTests/fast/loader/comment-only-_javascript_-url.html (0 => 239949)
--- releases/WebKitGTK/webkit-2.22/LayoutTests/fast/loader/comment-only-_javascript_-url.html (rev 0)
+++ releases/WebKitGTK/webkit-2.22/LayoutTests/fast/loader/comment-only-_javascript_-url.html 2019-01-14 22:23:26 UTC (rev 239949)
@@ -0,0 +1,66 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script src=""
+<script>
+if (window.testRunner) {
+ testRunner.waitUntilDone();
+ testRunner.dumpAsText();
+}
+jsTestIsAsync = true;
+var count = 0;
+</script>
+</head>
+<body>
+<script>
+function filtered(url){
+ var parser = document.createElement('a');
+ parser.href = ""
+ if (parser.protocol.indexOf("_javascript_") == -1) {
+ parser.click();
+ }
+}
+
+function unfiltered(url){
+ var parser = document.createElement('a');
+ parser.href = ""
+ if (parser.protocol === "_javascript_:") {
+ parser.click();
+ };
+}
+
+description("Tests that we properly handle _javascript_ URLs containing comment characters, newlines, and carriage returns.");
+
+let cases = [ "_javascript_:alert(count); ++count;",
+ "_javascript_:// A fun test%0aalert(count); ++count;",
+ "_javascript_://:%0aalert(count); ++count;",
+ "_javascript_://:%0dalert(count); ++count;",
+ "_javascript_://:%0a%0dalert(count); ++count;",
+ "_javascript_://%0a://%0dalert(count); ++count;",
+ "_javascript_://%0d//:%0aalert(count); ++count;"
+];
+
+for (var c in cases)
+ filtered(cases[c]);
+
+setTimeout(function () {
+ if (!count)
+ testPassed("No _javascript_ URLs executed.");
+ else
+ testFailed("_javascript_ URLs were executed.")
+
+ for (var c in cases)
+ unfiltered(cases[c]);
+
+ setTimeout(function() {
+ if (count == cases.length)
+ testPassed("_javascript_ URLs were executed.")
+ else
+ testFailed("No _javascript_ URLs executed.");
+
+ finishJSTest();
+ }, 0);
+}, 0);
+</script>
+</body>
+</html>
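Review bot: In the inner setTimeout callback, the failure branch `testFailed("No _javascript_ URLs executed.")` runs whenever `count != cases.length`, so a run in which only some of the seven cases executed is reported as if none had. Consider a failure message that includes `count` and `cases.length`, so a partial regression shows how many cases were affected. Minor style points in the same file: `for (var c in cases)` uses for-in over an array where an index or for-of loop is the usual form, and `unfiltered()` has a stray `;` after the closing brace of its `if`.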
Modified: releases/WebKitGTK/webkit-2.22/Source/WebCore/ChangeLog (239948 => 239949)
--- releases/WebKitGTK/webkit-2.22/Source/WebCore/ChangeLog 2019-01-14 22:19:50 UTC (rev 239948)
+++ releases/WebKitGTK/webkit-2.22/Source/WebCore/ChangeLog 2019-01-14 22:23:26 UTC (rev 239949)
@@ -1,3 +1,20 @@
+2019-01-04 Brent Fulgham <[email protected]>
+
+ Parsed protocol of _javascript_ URLs with embedded newlines and carriage returns do not match parsed protocol in Chrome and Firefox
+ https://bugs.webkit.org/show_bug.cgi?id=193155
+ <rdar://problem/40230982>
+
+ Reviewed by Chris Dumez.
+
+ Test: fast/loader/comment-only-_javascript_-url.html
+
+ Make a special case for URLs beginning with '_javascript_:'. We should always
+ treat these as JS URLs, even if the content contained within the URL
+ string might match other parts of the URL parsing spec.
+
+ * html/URLUtils.h:
+ (WebCore::URLUtils<T>::protocol const):
+
2018-12-21 Zalan Bujtas <[email protected]>
Synchronous media query evaluation could destroy current Frame/FrameView.
Modified: releases/WebKitGTK/webkit-2.22/Source/WebCore/html/URLUtils.h (239948 => 239949)
--- releases/WebKitGTK/webkit-2.22/Source/WebCore/html/URLUtils.h 2019-01-14 22:19:50 UTC (rev 239948)
+++ releases/WebKitGTK/webkit-2.22/Source/WebCore/html/URLUtils.h 2019-01-14 22:23:26 UTC (rev 239949)
@@ -90,6 +90,8 @@
template <typename T>
String URLUtils<T>::protocol() const
{
+ if (protocolIsJavaScript(href()))
+ return "_javascript_:"_s;
return makeString(href().protocol(), ':');
}
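Review bot: The new early return in `URLUtils<T>::protocol()` has no comment explaining why `href().protocol()` is bypassed for JavaScript URLs; a one-line comment referencing bug 193155 (embedded newlines and carriage returns changing the parsed protocol) would keep a later cleanup from removing the branch as redundant. `href()` is also now evaluated twice on the non-JavaScript path, once in `protocolIsJavaScript(href())` and once in `href().protocol()`; if it is not a cheap accessor, hold the result in a local.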