Title: [271734] trunk
- Revision
- 271734
- Author
- drou...@apple.com
- Date
- 2021-01-21 19:39:46 -0800 (Thu, 21 Jan 2021)
Log Message
[Payment Request] constructor should throw if a payment method is provided more than once
https://bugs.webkit.org/show_bug.cgi?id=220824
Reviewed by Andy Estes.
LayoutTests/imported/w3c:
* web-platform-tests/payment-request/payment-request-constructor-thcrash.https-expected.txt:
* web-platform-tests/payment-request/payment-request-constructor.https.sub-expected.txt:
Source/WebCore:
Test: web-platform-tests/payment-request/payment-request-constructor.https.sub.html
* Modules/paymentrequest/PaymentRequest.cpp:
(WebCore::stringify): Added.
(WebCore::PaymentRequest::create):
Modified Paths
Diff
Modified: trunk/LayoutTests/imported/w3c/ChangeLog (271733 => 271734)
--- trunk/LayoutTests/imported/w3c/ChangeLog 2021-01-22 03:22:03 UTC (rev 271733)
+++ trunk/LayoutTests/imported/w3c/ChangeLog 2021-01-22 03:39:46 UTC (rev 271734)
@@ -1,3 +1,13 @@
+2021-01-21 Devin Rousso <drou...@apple.com>
+
+ [Payment Request] constructor should throw if a payment method is provided more than once
+ https://bugs.webkit.org/show_bug.cgi?id=220824
+
+ Reviewed by Andy Estes.
+
+ * web-platform-tests/payment-request/payment-request-constructor-thcrash.https-expected.txt:
+ * web-platform-tests/payment-request/payment-request-constructor.https.sub-expected.txt:
+
2021-01-21 Sam Weinig <wei...@apple.com>
Remove explicit clamp to SRGB for Lab colors on CG platforms that support wide color
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/payment-request/payment-request-constructor-thcrash.https-expected.txt (271733 => 271734)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/payment-request/payment-request-constructor-thcrash.https-expected.txt 2021-01-22 03:22:03 UTC (rev 271733)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/payment-request/payment-request-constructor-thcrash.https-expected.txt 2021-01-22 03:39:46 UTC (rev 271734)
@@ -1,5 +1,5 @@
-PASS Don't crash if there is an abusive number of payment methods in the methodData sequence
+FAIL Don't crash if there is an abusive number of payment methods in the methodData sequence assert_equals: must be a TypeError expected "TypeError" but got "RangeError"
PASS Don't crash if PaymentMethodData.supportedMethods is an abusive length
PASS Don't crash if the request id has an abusive length
PASS Don't crash if PaymentDetailsInit.total.label is an abusive length
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/payment-request/payment-request-constructor.https.sub-expected.txt (271733 => 271734)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/payment-request/payment-request-constructor.https.sub-expected.txt 2021-01-22 03:22:03 UTC (rev 271733)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/payment-request/payment-request-constructor.https.sub-expected.txt 2021-01-22 03:39:46 UTC (rev 271734)
@@ -5,7 +5,7 @@
PASS Use ids even if they are strange
PASS Use provided request ID
PASS If the length of the methodData sequence is zero, then throw a TypeError
-FAIL If payment method is duplicate, then throw a RangeError assert_throws_js: function "() => new PaymentRequest(duplicateMethods, defaultDetails)" did not throw
+PASS If payment method is duplicate, then throw a RangeError
PASS Modifier method data must be JSON-serializable object
PASS Rethrow any exceptions of JSON-serializing paymentMethod.data into a string
PASS If details.total.amount.value is not a valid decimal monetary value, then throw a TypeError
Modified: trunk/Source/WebCore/ChangeLog (271733 => 271734)
--- trunk/Source/WebCore/ChangeLog 2021-01-22 03:22:03 UTC (rev 271733)
+++ trunk/Source/WebCore/ChangeLog 2021-01-22 03:39:46 UTC (rev 271734)
@@ -1,3 +1,16 @@
+2021-01-21 Devin Rousso <drou...@apple.com>
+
+ [Payment Request] constructor should throw if a payment method is provided more than once
+ https://bugs.webkit.org/show_bug.cgi?id=220824
+
+ Reviewed by Andy Estes.
+
+ Test: web-platform-tests/payment-request/payment-request-constructor.https.sub.html
+
+ * Modules/paymentrequest/PaymentRequest.cpp:
+ (WebCore::stringify): Added.
+ (WebCore::PaymentRequest::create):
+
2021-01-21 Chris Dumez <cdu...@apple.com>
Protect against sampleRate being 0 in IIRFilter::tailTime()
Modified: trunk/Source/WebCore/Modules/paymentrequest/PaymentRequest.cpp (271733 => 271734)
--- trunk/Source/WebCore/Modules/paymentrequest/PaymentRequest.cpp 2021-01-22 03:22:03 UTC (rev 271733)
+++ trunk/Source/WebCore/Modules/paymentrequest/PaymentRequest.cpp 2021-01-22 03:39:46 UTC (rev 271734)
@@ -322,6 +322,14 @@
return data;
}
+static String stringify(const PaymentRequest::MethodIdentifier& identifier)
+{
+ return WTF::switchOn(identifier,
+ [] (const String& string) { return string; },
+ [] (const URL& url) { return url.string(); }
+ );
+}
+
// Implements the PaymentRequest Constructor
// https://www.w3.org/TR/payment-request/#constructor
ExceptionOr<Ref<PaymentRequest>> PaymentRequest::create(Document& document, Vector<PaymentMethodData>&& methodData, PaymentDetailsInit&& details, PaymentOptions&& options)
@@ -338,11 +346,15 @@
Vector<Method> serializedMethodData;
serializedMethodData.reserveInitialCapacity(methodData.size());
+ HashSet<String> seenMethodIDs;
for (auto& paymentMethod : methodData) {
auto identifier = convertAndValidatePaymentMethodIdentifier(paymentMethod.supportedMethods);
if (!identifier)
return Exception { RangeError, makeString('"', paymentMethod.supportedMethods, "\" is an invalid payment method identifier.") };
+ if (!seenMethodIDs.add(stringify(*identifier)))
+ return Exception { RangeError, "Payment method IDs must be unique."_s };
+
String serializedData;
if (paymentMethod.data) {
auto scope = DECLARE_THROW_SCOPE(document.globalObject()->vm());
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
