Title: [284588] trunk
Revision
284588
Author
[email protected]
Date
2021-10-20 17:03:30 -0700 (Wed, 20 Oct 2021)

Log Message

URLParser should reject hosts with C0 control characters or U+007F
https://bugs.webkit.org/show_bug.cgi?id=232034

Patch by Alex Christensen <[email protected]> on 2021-10-20
Reviewed by Tim Horton.

LayoutTests/imported/w3c:

* web-platform-tests/url/a-element-origin-expected.txt:
* web-platform-tests/url/a-element-origin-xhtml-expected.txt:
* web-platform-tests/url/failure-expected.txt:
* web-platform-tests/url/resources/urltestdata.json:
* web-platform-tests/url/url-character-sets.any-expected.txt: Added.
* web-platform-tests/url/url-character-sets.any.html: Added.
* web-platform-tests/url/url-character-sets.any.js: Added.
(cp.test):
* web-platform-tests/url/url-character-sets.any.worker-expected.txt: Added.
* web-platform-tests/url/url-character-sets.any.worker.html: Added.
* web-platform-tests/url/url-origin.any-expected.txt:
* web-platform-tests/url/url-origin.any.worker-expected.txt:
* web-platform-tests/url/url-setters-stripping.any.js:

Source/WTF:

This matches Chrome and Firefox and was proposed to the standard at
https://github.com/whatwg/url/issues/627

* wtf/URLParser.cpp:
(WTF::isC0Control):
(WTF::isForbiddenHostCodePoint):

Diff

Modified: trunk/LayoutTests/imported/w3c/ChangeLog (284587 => 284588)


--- trunk/LayoutTests/imported/w3c/ChangeLog	2021-10-21 00:02:20 UTC (rev 284587)
+++ trunk/LayoutTests/imported/w3c/ChangeLog	2021-10-21 00:03:30 UTC (rev 284588)
@@ -1,3 +1,24 @@
+2021-10-20  Alex Christensen  <[email protected]>
+
+        URLParser should reject hosts with C0 control characters or U+007F
+        https://bugs.webkit.org/show_bug.cgi?id=232034
+
+        Reviewed by Tim Horton.
+
+        * web-platform-tests/url/a-element-origin-expected.txt:
+        * web-platform-tests/url/a-element-origin-xhtml-expected.txt:
+        * web-platform-tests/url/failure-expected.txt:
+        * web-platform-tests/url/resources/urltestdata.json:
+        * web-platform-tests/url/url-character-sets.any-expected.txt: Added.
+        * web-platform-tests/url/url-character-sets.any.html: Added.
+        * web-platform-tests/url/url-character-sets.any.js: Added.
+        (cp.test):
+        * web-platform-tests/url/url-character-sets.any.worker-expected.txt: Added.
+        * web-platform-tests/url/url-character-sets.any.worker.html: Added.
+        * web-platform-tests/url/url-origin.any-expected.txt:
+        * web-platform-tests/url/url-origin.any.worker-expected.txt:
+        * web-platform-tests/url/url-setters-stripping.any.js:
+
 2021-10-20  Youenn Fablet  <[email protected]>
 
         Add support for requestVideoFrameCallback API and MediaStreamTrack-based backend support

Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/url/a-element-origin-expected.txt (284587 => 284588)


--- trunk/LayoutTests/imported/w3c/web-platform-tests/url/a-element-origin-expected.txt	2021-10-21 00:02:20 UTC (rev 284587)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/url/a-element-origin-expected.txt	2021-10-21 00:03:30 UTC (rev 284588)
@@ -264,8 +264,6 @@
 PASS Parsing origin: <wow:%1G> against <about:blank>
 PASS Parsing origin: <wow:\x{FFFF}> against <about:blank>
 PASS Parsing origin: <http://example.com/U+d800𐟾U+dfff\x{FDD0}﷏\x{FDEF}ﷰ\x{FFFE}\x{FFFF}?U+d800𐟾U+dfff\x{FDD0}﷏\x{FDEF}ﷰ\x{FFFE}\x{FFFF}> against <about:blank>
-PASS Parsing origin: <http://!"$&'()*+,-.;=_`{}~/> against <about:blank>
-PASS Parsing origin: <sc://!"$&'()*+,-.;=_`{}~/> against <about:blank>
 PASS Parsing origin: <ftp://%e2%98%83> against <about:blank>
 PASS Parsing origin: <https://%e2%98%83> against <about:blank>
 PASS Parsing origin: <http://127.0.0.1:10100/relative_import.html> against <about:blank>

Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/url/a-element-origin-xhtml-expected.txt (284587 => 284588)


--- trunk/LayoutTests/imported/w3c/web-platform-tests/url/a-element-origin-xhtml-expected.txt	2021-10-21 00:02:20 UTC (rev 284587)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/url/a-element-origin-xhtml-expected.txt	2021-10-21 00:03:30 UTC (rev 284588)
@@ -264,8 +264,6 @@
 PASS Parsing origin: <wow:%1G> against <about:blank>
 PASS Parsing origin: <wow:\x{FFFF}> against <about:blank>
 PASS Parsing origin: <http://example.com/U+d800𐟾U+dfff\x{FDD0}﷏\x{FDEF}ﷰ\x{FFFE}\x{FFFF}?U+d800𐟾U+dfff\x{FDD0}﷏\x{FDEF}ﷰ\x{FFFE}\x{FFFF}> against <about:blank>
-PASS Parsing origin: <http://!"$&'()*+,-.;=_`{}~/> against <about:blank>
-PASS Parsing origin: <sc://!"$&'()*+,-.;=_`{}~/> against <about:blank>
 PASS Parsing origin: <ftp://%e2%98%83> against <about:blank>
 PASS Parsing origin: <https://%e2%98%83> against <about:blank>
 PASS Parsing origin: <http://127.0.0.1:10100/relative_import.html> against <about:blank>

Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/url/failure-expected.txt (284587 => 284588)


--- trunk/LayoutTests/imported/w3c/web-platform-tests/url/failure-expected.txt	2021-10-21 00:02:20 UTC (rev 284587)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/url/failure-expected.txt	2021-10-21 00:03:30 UTC (rev 284588)
@@ -312,6 +312,18 @@
 PASS sendBeacon(): http://ho%7Cst/ should throw
 PASS Location's href: http://ho%7Cst/ should throw
 PASS window.open(): http://ho%7Cst/ should throw
+PASS URL's constructor's base argument: http://!"$&'()*+,-.;=_`{}~/ should throw
+PASS URL's href: http://!"$&'()*+,-.;=_`{}~/ should throw
+PASS XHR: http://!"$&'()*+,-.;=_`{}~/ should throw
+PASS sendBeacon(): http://!"$&'()*+,-.;=_`{}~/ should throw
+PASS Location's href: http://!"$&'()*+,-.;=_`{}~/ should throw
+PASS window.open(): http://!"$&'()*+,-.;=_`{}~/ should throw
+PASS URL's constructor's base argument: sc://!"$&'()*+,-.;=_`{}~/ should throw
+PASS URL's href: sc://!"$&'()*+,-.;=_`{}~/ should throw
+PASS XHR: sc://!"$&'()*+,-.;=_`{}~/ should throw
+PASS sendBeacon(): sc://!"$&'()*+,-.;=_`{}~/ should throw
+PASS Location's href: sc://!"$&'()*+,-.;=_`{}~/ should throw
+PASS window.open(): sc://!"$&'()*+,-.;=_`{}~/ should throw
 PASS URL's constructor's base argument: ftp://example.com%80/ should throw
 PASS URL's href: ftp://example.com%80/ should throw
 PASS XHR: ftp://example.com%80/ should throw

Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/url/resources/urltestdata.json (284587 => 284588)


--- trunk/LayoutTests/imported/w3c/web-platform-tests/url/resources/urltestdata.json	2021-10-21 00:02:20 UTC (rev 284587)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/url/resources/urltestdata.json	2021-10-21 00:03:30 UTC (rev 284588)
@@ -4853,32 +4853,12 @@
   {
     "input": "http://\u001F!\"$&'()*+,-.;=_`{}~/",
     "base": "about:blank",
-    "href": "http://\u001F!\"$&'()*+,-.;=_`{}~/",
-    "origin": "http://\u001F!\"$&'()*+,-.;=_`{}~",
-    "protocol": "http:",
-    "username": "",
-    "password": "",
-    "host": "\u001F!\"$&'()*+,-.;=_`{}~",
-    "hostname": "\u001F!\"$&'()*+,-.;=_`{}~",
-    "port": "",
-    "pathname": "/",
-    "search": "",
-    "hash": ""
+    "failure": true
   },
   {
     "input": "sc://\u001F!\"$&'()*+,-.;=_`{}~/",
     "base": "about:blank",
-    "href": "sc://%1F!\"$&'()*+,-.;=_`{}~/",
-    "origin": "null",
-    "protocol": "sc:",
-    "username": "",
-    "password": "",
-    "host": "%1F!\"$&'()*+,-.;=_`{}~",
-    "hostname": "%1F!\"$&'()*+,-.;=_`{}~",
-    "port": "",
-    "pathname": "/",
-    "search": "",
-    "hash": ""
+    "failure": true
   },
   "# Hosts and percent-encoding",
   {

Added: trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-character-sets.any-expected.txt (0 => 284588)


--- trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-character-sets.any-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-character-sets.any-expected.txt	2021-10-21 00:03:30 UTC (rev 284588)
@@ -0,0 +1,131 @@
+
+PASS https host code point 0x0 (\0)
+PASS https host code point 0x1 ()
+PASS https host code point 0x2 ()
+PASS https host code point 0x3 ()
+PASS https host code point 0x4 ()
+PASS https host code point 0x5 ()
+PASS https host code point 0x6 ()
+PASS https host code point 0x7 ()
+PASS https host code point 0x8 ()
+PASS https host code point 0x9 (	)
+PASS https host code point 0xa (
+)
+PASS https host code point 0xb ()
+PASS https host code point 0xc ()
+PASS https host code point 0xd (\r)
+PASS https host code point 0xe ()
+PASS https host code point 0xf ()
+PASS https host code point 0x10 ()
+PASS https host code point 0x11 ()
+PASS https host code point 0x12 ()
+PASS https host code point 0x13 ()
+PASS https host code point 0x14 ()
+PASS https host code point 0x15 ()
+PASS https host code point 0x16 ()
+PASS https host code point 0x17 ()
+PASS https host code point 0x18 ()
+PASS https host code point 0x19 ()
+PASS https host code point 0x1a ()
+PASS https host code point 0x1b ()
+PASS https host code point 0x1c ()
+PASS https host code point 0x1d ()
+PASS https host code point 0x1e ()
+PASS https host code point 0x1f ()
+PASS https host code point 0x20 ( )
+PASS https host code point 0x21 (!)
+PASS https host code point 0x22 (")
+PASS https host code point 0x23 (#)
+PASS https host code point 0x24 ($)
+PASS https host code point 0x25 (%)
+PASS https host code point 0x26 (&)
+PASS https host code point 0x27 (')
+PASS https host code point 0x28 (()
+PASS https host code point 0x29 ())
+PASS https host code point 0x2a (*)
+PASS https host code point 0x2b (+)
+PASS https host code point 0x2c (,)
+PASS https host code point 0x2d (-)
+PASS https host code point 0x2e (.)
+PASS https host code point 0x2f (/)
+PASS https host code point 0x30 (0)
+PASS https host code point 0x31 (1)
+PASS https host code point 0x32 (2)
+PASS https host code point 0x33 (3)
+PASS https host code point 0x34 (4)
+PASS https host code point 0x35 (5)
+PASS https host code point 0x36 (6)
+PASS https host code point 0x37 (7)
+PASS https host code point 0x38 (8)
+PASS https host code point 0x39 (9)
+PASS https host code point 0x3a (:)
+PASS https host code point 0x3b (;)
+PASS https host code point 0x3c (<)
+PASS https host code point 0x3d (=)
+PASS https host code point 0x3e (>)
+PASS https host code point 0x3f (?)
+PASS https host code point 0x40 (@)
+PASS https host code point 0x41 (A)
+PASS https host code point 0x42 (B)
+PASS https host code point 0x43 (C)
+PASS https host code point 0x44 (D)
+PASS https host code point 0x45 (E)
+PASS https host code point 0x46 (F)
+PASS https host code point 0x47 (G)
+PASS https host code point 0x48 (H)
+PASS https host code point 0x49 (I)
+PASS https host code point 0x4a (J)
+PASS https host code point 0x4b (K)
+PASS https host code point 0x4c (L)
+PASS https host code point 0x4d (M)
+PASS https host code point 0x4e (N)
+PASS https host code point 0x4f (O)
+PASS https host code point 0x50 (P)
+PASS https host code point 0x51 (Q)
+PASS https host code point 0x52 (R)
+PASS https host code point 0x53 (S)
+PASS https host code point 0x54 (T)
+PASS https host code point 0x55 (U)
+PASS https host code point 0x56 (V)
+PASS https host code point 0x57 (W)
+PASS https host code point 0x58 (X)
+PASS https host code point 0x59 (Y)
+PASS https host code point 0x5a (Z)
+PASS https host code point 0x5b ([)
+PASS https host code point 0x5c (\)
+PASS https host code point 0x5d (])
+PASS https host code point 0x5e (^)
+PASS https host code point 0x5f (_)
+PASS https host code point 0x60 (`)
+PASS https host code point 0x61 (a)
+PASS https host code point 0x62 (b)
+PASS https host code point 0x63 (c)
+PASS https host code point 0x64 (d)
+PASS https host code point 0x65 (e)
+PASS https host code point 0x66 (f)
+PASS https host code point 0x67 (g)
+PASS https host code point 0x68 (h)
+PASS https host code point 0x69 (i)
+PASS https host code point 0x6a (j)
+PASS https host code point 0x6b (k)
+PASS https host code point 0x6c (l)
+PASS https host code point 0x6d (m)
+PASS https host code point 0x6e (n)
+PASS https host code point 0x6f (o)
+PASS https host code point 0x70 (p)
+PASS https host code point 0x71 (q)
+PASS https host code point 0x72 (r)
+PASS https host code point 0x73 (s)
+PASS https host code point 0x74 (t)
+PASS https host code point 0x75 (u)
+PASS https host code point 0x76 (v)
+PASS https host code point 0x77 (w)
+PASS https host code point 0x78 (x)
+PASS https host code point 0x79 (y)
+PASS https host code point 0x7a (z)
+PASS https host code point 0x7b ({)
+PASS https host code point 0x7c (|)
+PASS https host code point 0x7d (})
+PASS https host code point 0x7e (~)
+PASS https host code point 0x7f ()
+
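
Review bot: the expectation for 0xa is split across two lines, and several of the other control-character entries carry raw control bytes, because each test name appends the literal character after the hex value. The hex value already identifies the case, so building the name in url-character-sets.any.js from `codePoint.toString(16)` alone would keep this file and its .worker copy printable and easy to diff.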

Added: trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-character-sets.any.html (0 => 284588)


--- trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-character-sets.any.html	                        (rev 0)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-character-sets.any.html	2021-10-21 00:03:30 UTC (rev 284588)
@@ -0,0 +1 @@
+<!-- This file is required for WebKit test infrastructure to run the templated test -->
\ No newline at end of file

Added: trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-character-sets.any.js (0 => 284588)


--- trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-character-sets.any.js	                        (rev 0)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-character-sets.any.js	2021-10-21 00:03:30 UTC (rev 284588)
@@ -0,0 +1,40 @@
+function checkHostCodePoint(codePoint, forbidden) {
+  let caught = false;
+  try {
+    new URL("https://%" + codePoint.toString(16));
+  } catch (e) {
+    caught = true;
+  }
+  assert_equals(caught, forbidden, "percent encoded");
+  caught = false;
+  try {
+    new URL("https://" + String.fromCodePoint(codePoint));
+  } catch (e) {
+    caught = true;
+  }
+  assert_equals(caught, forbidden, "not percent encoded");
+}
+
+function isForbiddenHostCodePoint(codePoint) {
+  return codePoint <= 0x20
+    || codePoint == 0x23
+    || codePoint == 0x25
+    || codePoint == 0x2F
+    || codePoint == 0x3A
+    || codePoint == 0x3C
+    || codePoint == 0x3E
+    || codePoint == 0x3F
+    || codePoint == 0x40
+    || codePoint == 0x5B
+    || codePoint == 0x5C
+    || codePoint == 0x5D
+    || codePoint == 0x5E
+    || codePoint == 0x7C
+    || codePoint == 0x7F;
+}
+
+for (let codePoint = 0; codePoint <= 0x7f; codePoint++) {
+  test(() => {
+    checkHostCodePoint(codePoint, isForbiddenHostCodePoint(codePoint));
+  }, "https host code point 0x" + codePoint.toString(16) + " (" + String.fromCodePoint(codePoint) + ")")
+}
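
Review bot: in checkHostCodePoint, `"https://%" + codePoint.toString(16)` yields a single hex digit for code points below 0x10 (for example `%9` for tab), which is not a percent-encoded byte. The "percent encoded" assertion for 0x0 to 0xf therefore exercises a host containing a bare `%`, and it passes only because `%` (0x25) is itself in the forbidden list below. Pad to two digits, e.g. `codePoint.toString(16).padStart(2, "0")`, so those sixteen cases test what the assertion message says. The `test(...)` call in the loop is also missing its trailing semicolon.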

Added: trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-character-sets.any.worker-expected.txt (0 => 284588)


--- trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-character-sets.any.worker-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-character-sets.any.worker-expected.txt	2021-10-21 00:03:30 UTC (rev 284588)
@@ -0,0 +1,131 @@
+
+PASS https host code point 0x0 (\0)
+PASS https host code point 0x1 ()
+PASS https host code point 0x2 ()
+PASS https host code point 0x3 ()
+PASS https host code point 0x4 ()
+PASS https host code point 0x5 ()
+PASS https host code point 0x6 ()
+PASS https host code point 0x7 ()
+PASS https host code point 0x8 ()
+PASS https host code point 0x9 (	)
+PASS https host code point 0xa (
+)
+PASS https host code point 0xb ()
+PASS https host code point 0xc ()
+PASS https host code point 0xd (\r)
+PASS https host code point 0xe ()
+PASS https host code point 0xf ()
+PASS https host code point 0x10 ()
+PASS https host code point 0x11 ()
+PASS https host code point 0x12 ()
+PASS https host code point 0x13 ()
+PASS https host code point 0x14 ()
+PASS https host code point 0x15 ()
+PASS https host code point 0x16 ()
+PASS https host code point 0x17 ()
+PASS https host code point 0x18 ()
+PASS https host code point 0x19 ()
+PASS https host code point 0x1a ()
+PASS https host code point 0x1b ()
+PASS https host code point 0x1c ()
+PASS https host code point 0x1d ()
+PASS https host code point 0x1e ()
+PASS https host code point 0x1f ()
+PASS https host code point 0x20 ( )
+PASS https host code point 0x21 (!)
+PASS https host code point 0x22 (")
+PASS https host code point 0x23 (#)
+PASS https host code point 0x24 ($)
+PASS https host code point 0x25 (%)
+PASS https host code point 0x26 (&)
+PASS https host code point 0x27 (')
+PASS https host code point 0x28 (()
+PASS https host code point 0x29 ())
+PASS https host code point 0x2a (*)
+PASS https host code point 0x2b (+)
+PASS https host code point 0x2c (,)
+PASS https host code point 0x2d (-)
+PASS https host code point 0x2e (.)
+PASS https host code point 0x2f (/)
+PASS https host code point 0x30 (0)
+PASS https host code point 0x31 (1)
+PASS https host code point 0x32 (2)
+PASS https host code point 0x33 (3)
+PASS https host code point 0x34 (4)
+PASS https host code point 0x35 (5)
+PASS https host code point 0x36 (6)
+PASS https host code point 0x37 (7)
+PASS https host code point 0x38 (8)
+PASS https host code point 0x39 (9)
+PASS https host code point 0x3a (:)
+PASS https host code point 0x3b (;)
+PASS https host code point 0x3c (<)
+PASS https host code point 0x3d (=)
+PASS https host code point 0x3e (>)
+PASS https host code point 0x3f (?)
+PASS https host code point 0x40 (@)
+PASS https host code point 0x41 (A)
+PASS https host code point 0x42 (B)
+PASS https host code point 0x43 (C)
+PASS https host code point 0x44 (D)
+PASS https host code point 0x45 (E)
+PASS https host code point 0x46 (F)
+PASS https host code point 0x47 (G)
+PASS https host code point 0x48 (H)
+PASS https host code point 0x49 (I)
+PASS https host code point 0x4a (J)
+PASS https host code point 0x4b (K)
+PASS https host code point 0x4c (L)
+PASS https host code point 0x4d (M)
+PASS https host code point 0x4e (N)
+PASS https host code point 0x4f (O)
+PASS https host code point 0x50 (P)
+PASS https host code point 0x51 (Q)
+PASS https host code point 0x52 (R)
+PASS https host code point 0x53 (S)
+PASS https host code point 0x54 (T)
+PASS https host code point 0x55 (U)
+PASS https host code point 0x56 (V)
+PASS https host code point 0x57 (W)
+PASS https host code point 0x58 (X)
+PASS https host code point 0x59 (Y)
+PASS https host code point 0x5a (Z)
+PASS https host code point 0x5b ([)
+PASS https host code point 0x5c (\)
+PASS https host code point 0x5d (])
+PASS https host code point 0x5e (^)
+PASS https host code point 0x5f (_)
+PASS https host code point 0x60 (`)
+PASS https host code point 0x61 (a)
+PASS https host code point 0x62 (b)
+PASS https host code point 0x63 (c)
+PASS https host code point 0x64 (d)
+PASS https host code point 0x65 (e)
+PASS https host code point 0x66 (f)
+PASS https host code point 0x67 (g)
+PASS https host code point 0x68 (h)
+PASS https host code point 0x69 (i)
+PASS https host code point 0x6a (j)
+PASS https host code point 0x6b (k)
+PASS https host code point 0x6c (l)
+PASS https host code point 0x6d (m)
+PASS https host code point 0x6e (n)
+PASS https host code point 0x6f (o)
+PASS https host code point 0x70 (p)
+PASS https host code point 0x71 (q)
+PASS https host code point 0x72 (r)
+PASS https host code point 0x73 (s)
+PASS https host code point 0x74 (t)
+PASS https host code point 0x75 (u)
+PASS https host code point 0x76 (v)
+PASS https host code point 0x77 (w)
+PASS https host code point 0x78 (x)
+PASS https host code point 0x79 (y)
+PASS https host code point 0x7a (z)
+PASS https host code point 0x7b ({)
+PASS https host code point 0x7c (|)
+PASS https host code point 0x7d (})
+PASS https host code point 0x7e (~)
+PASS https host code point 0x7f ()
+

Added: trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-character-sets.any.worker.html (0 => 284588)


--- trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-character-sets.any.worker.html	                        (rev 0)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-character-sets.any.worker.html	2021-10-21 00:03:30 UTC (rev 284588)
@@ -0,0 +1 @@
+<!-- This file is required for WebKit test infrastructure to run the templated test -->
\ No newline at end of file

Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-origin.any-expected.txt (284587 => 284588)


--- trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-origin.any-expected.txt	2021-10-21 00:02:20 UTC (rev 284587)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-origin.any-expected.txt	2021-10-21 00:03:30 UTC (rev 284588)
@@ -263,8 +263,6 @@
 PASS Origin parsing: <wow:%1G> against <about:blank>
 PASS Origin parsing: <wow:\x{FFFF}> against <about:blank>
 PASS Origin parsing: <http://example.com/U+d800𐟾U+dfff\x{FDD0}﷏\x{FDEF}ﷰ\x{FFFE}\x{FFFF}?U+d800𐟾U+dfff\x{FDD0}﷏\x{FDEF}ﷰ\x{FFFE}\x{FFFF}> against <about:blank>
-PASS Origin parsing: <http://!"$&'()*+,-.;=_`{}~/> against <about:blank>
-PASS Origin parsing: <sc://!"$&'()*+,-.;=_`{}~/> against <about:blank>
 PASS Origin parsing: <ftp://%e2%98%83> against <about:blank>
 PASS Origin parsing: <https://%e2%98%83> against <about:blank>
 PASS Origin parsing: <http://127.0.0.1:10100/relative_import.html> against <about:blank>

Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-origin.any.worker-expected.txt (284587 => 284588)


--- trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-origin.any.worker-expected.txt	2021-10-21 00:02:20 UTC (rev 284587)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-origin.any.worker-expected.txt	2021-10-21 00:03:30 UTC (rev 284588)
@@ -263,8 +263,6 @@
 PASS Origin parsing: <wow:%1G> against <about:blank>
 PASS Origin parsing: <wow:\x{FFFF}> against <about:blank>
 PASS Origin parsing: <http://example.com/U+d800𐟾U+dfff\x{FDD0}﷏\x{FDEF}ﷰ\x{FFFE}\x{FFFF}?U+d800𐟾U+dfff\x{FDD0}﷏\x{FDEF}ﷰ\x{FFFE}\x{FFFF}> against <about:blank>
-PASS Origin parsing: <http://!"$&'()*+,-.;=_`{}~/> against <about:blank>
-PASS Origin parsing: <sc://!"$&'()*+,-.;=_`{}~/> against <about:blank>
 PASS Origin parsing: <ftp://%e2%98%83> against <about:blank>
 PASS Origin parsing: <https://%e2%98%83> against <about:blank>
 PASS Origin parsing: <http://127.0.0.1:10100/relative_import.html> against <about:blank>

Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-setters-stripping.any.js (284587 => 284588)


--- trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-setters-stripping.any.js	2021-10-21 00:02:20 UTC (rev 284587)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/url/url-setters-stripping.any.js	2021-10-21 00:03:30 UTC (rev 284588)
@@ -66,7 +66,7 @@
       ["trailing", "test" + (scheme === "https" ? cpString : encodeURIComponent(cpString)), "test" + String.fromCodePoint(i)]
     ]) {
       test(() => {
-        const expected = i === 0x00 ? "host" : stripped ? "test" : expectedPart;
+        const expected = stripped ? "test" : "host";
         const url = ""
         url.host = input;
         assert_equals(url.host, expected + ":8000", "property");
@@ -74,7 +74,7 @@
       }, `Setting host with ${type} ${cpReference} (${scheme}:)`);
 
       test(() => {
-        const expected = i === 0x00 ? "host" : stripped ? "test" : expectedPart;
+        const expected = stripped ? "test" : "host";
         const url = ""
         url.hostname = input;
         assert_equals(url.hostname, expected, "property");
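
Review bot: with `const expected = stripped ? "test" : "host";` here and in the host test above, `expectedPart` is no longer read in the lines shown, so the third element of each tuple in the loop header (such as `"test" + String.fromCodePoint(i)`) looks like dead data. If nothing else in the loop uses it, drop it from the tuples and the destructuring. A one-line comment saying why every non-stripped code point now falls back to "host", as only 0x00 did before, would also help the next reader.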

Modified: trunk/Source/WTF/ChangeLog (284587 => 284588)


--- trunk/Source/WTF/ChangeLog	2021-10-21 00:02:20 UTC (rev 284587)
+++ trunk/Source/WTF/ChangeLog	2021-10-21 00:03:30 UTC (rev 284588)
@@ -1,3 +1,17 @@
+2021-10-20  Alex Christensen  <[email protected]>
+
+        URLParser should reject hosts with C0 control characters or U+007F
+        https://bugs.webkit.org/show_bug.cgi?id=232034
+
+        Reviewed by Tim Horton.
+
+        This matches Chrome and Firefox and was proposed to the standard at
+        https://github.com/whatwg/url/issues/627
+
+        * wtf/URLParser.cpp:
+        (WTF::isC0Control):
+        (WTF::isForbiddenHostCodePoint):
+
 2021-10-20  Michael Catanzaro  <[email protected]>
 
         Do not use strerror()
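
Review bot: the entry lists `(WTF::isC0Control)`, but none of the URLParser.cpp hunks in this revision changes a function of that name; the edits are to `characterClassTable` and `isForbiddenHostCodePoint`. Replace that line with the table name so the log stays accurate for anyone searching history by symbol.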

Modified: trunk/Source/WTF/wtf/URLParser.cpp (284587 => 284588)


--- trunk/Source/WTF/wtf/URLParser.cpp	2021-10-21 00:02:20 UTC (rev 284587)
+++ trunk/Source/WTF/wtf/URLParser.cpp	2021-10-21 00:03:30 UTC (rev 284588)
@@ -63,37 +63,37 @@
 
 static const uint8_t characterClassTable[256] = {
     UserInfo | Default | QueryPercent | ForbiddenHost, // 0x0
-    UserInfo | Default | QueryPercent, // 0x1
-    UserInfo | Default | QueryPercent, // 0x2
-    UserInfo | Default | QueryPercent, // 0x3
-    UserInfo | Default | QueryPercent, // 0x4
-    UserInfo | Default | QueryPercent, // 0x5
-    UserInfo | Default | QueryPercent, // 0x6
-    UserInfo | Default | QueryPercent, // 0x7
-    UserInfo | Default | QueryPercent, // 0x8
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x1
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x2
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x3
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x4
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x5
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x6
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x7
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x8
     UserInfo | Default | QueryPercent | ForbiddenHost, // 0x9
     UserInfo | Default | QueryPercent | ForbiddenHost, // 0xA
-    UserInfo | Default | QueryPercent, // 0xB
-    UserInfo | Default | QueryPercent, // 0xC
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0xB
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0xC
     UserInfo | Default | QueryPercent | ForbiddenHost, // 0xD
-    UserInfo | Default | QueryPercent, // 0xE
-    UserInfo | Default | QueryPercent, // 0xF
-    UserInfo | Default | QueryPercent, // 0x10
-    UserInfo | Default | QueryPercent, // 0x11
-    UserInfo | Default | QueryPercent, // 0x12
-    UserInfo | Default | QueryPercent, // 0x13
-    UserInfo | Default | QueryPercent, // 0x14
-    UserInfo | Default | QueryPercent, // 0x15
-    UserInfo | Default | QueryPercent, // 0x16
-    UserInfo | Default | QueryPercent, // 0x17
-    UserInfo | Default | QueryPercent, // 0x18
-    UserInfo | Default | QueryPercent, // 0x19
-    UserInfo | Default | QueryPercent, // 0x1A
-    UserInfo | Default | QueryPercent, // 0x1B
-    UserInfo | Default | QueryPercent, // 0x1C
-    UserInfo | Default | QueryPercent, // 0x1D
-    UserInfo | Default | QueryPercent, // 0x1E
-    UserInfo | Default | QueryPercent, // 0x1F
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0xE
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0xF
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x10
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x11
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x12
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x13
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x14
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x15
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x16
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x17
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x18
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x19
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x1A
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x1B
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x1C
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x1D
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x1E
+    UserInfo | Default | QueryPercent | ForbiddenHost, // 0x1F
     UserInfo | Default | QueryPercent | ForbiddenHost, // ' '
     0, // '!'
     UserInfo | Default | QueryPercent, // '"'
@@ -189,7 +189,7 @@
     UserInfo | ForbiddenHost, // '|'
     UserInfo | Default, // '}'
     0, // '~'
-    QueryPercent, // 0x7F
+    QueryPercent | ForbiddenHost, // 0x7F
     QueryPercent, // 0x80
     QueryPercent, // 0x81
     QueryPercent, // 0x82
@@ -330,7 +330,7 @@
 template<typename CharacterType> ALWAYS_INLINE static bool isPercentOrNonASCII(CharacterType character) { return !isASCII(character) || character == '%'; }
 template<typename CharacterType> ALWAYS_INLINE static bool isSlashQuestionOrHash(CharacterType character) { return character <= '\\' && characterClassTable[character] & SlashQuestionOrHash; }
 template<typename CharacterType> ALWAYS_INLINE static bool isValidSchemeCharacter(CharacterType character) { return character <= 'z' && characterClassTable[character] & ValidScheme; }
-template<typename CharacterType> ALWAYS_INLINE static bool isForbiddenHostCodePoint(CharacterType character) { return character <= '|' && characterClassTable[character] & ForbiddenHost; }
+template<typename CharacterType> ALWAYS_INLINE static bool isForbiddenHostCodePoint(CharacterType character) { return character <= 0x7F && characterClassTable[character] & ForbiddenHost; }
 ALWAYS_INLINE static bool shouldPercentEncodeQueryByte(uint8_t byte, const bool& urlIsSpecial)
 {
     if (characterClassTable[byte] & QueryPercent)
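
Review bot: in isForbiddenHostCodePoint the bound `character <= 0x7F` is a hand-maintained copy of "highest table index that carries ForbiddenHost"; the old `'|'` bound would have silently masked the new 0x7F table entry had it been left alone. Using `isASCII(character)`, as isPercentOrNonASCII at the top of this hunk already does, states the intent and removes the coupling to the table contents.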