Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 048ca0693a470cccab74bd26636b43ff3fa07332
https://github.com/WebKit/WebKit/commit/048ca0693a470cccab74bd26636b43ff3fa07332
Author: Youenn Fablet <[email protected]>
Date: 2025-01-15 (Wed, 15 Jan 2025)
Changed paths:
M
LayoutTests/imported/w3c/web-platform-tests/urlpattern/urlpattern.any-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/urlpattern/urlpattern.any.serviceworker-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/urlpattern/urlpattern.any.sharedworker-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/urlpattern/urlpattern.any.worker-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/urlpattern/urlpattern.https.any-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/urlpattern/urlpattern.https.any.serviceworker-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/urlpattern/urlpattern.https.any.sharedworker-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/urlpattern/urlpattern.https.any.worker-expected.txt
M Source/WTF/wtf/URLParser.cpp
M Source/WTF/wtf/URLParser.h
M Source/WebCore/Modules/url-pattern/URLPatternCanonical.cpp
Log Message:
-----------
URLPattern canonicalisation of hostname should check for forbidden host code
points
rdar://142950591
https://bugs.webkit.org/show_bug.cgi?id=285976
Reviewed by Anne van Kesteren.
URLPattern is relying on URL.setHost to validate the hostname.
This is not exactly matching the basic URL parser with hostname state as state
override.
In particular, setHost will split based on some forbidden code points like /, #
or ?.
To fix this, we add a specific forbidden host code point check in
canonicalizeHostname.
We skip these checks for IPv6 hostnames that will need further validation in a
follow-up.
Covered by rebased tests.
*
LayoutTests/imported/w3c/web-platform-tests/urlpattern/urlpattern.any-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/urlpattern/urlpattern.any.serviceworker-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/urlpattern/urlpattern.any.sharedworker-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/urlpattern/urlpattern.any.worker-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/urlpattern/urlpattern.https.any-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/urlpattern/urlpattern.https.any.serviceworker-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/urlpattern/urlpattern.https.any.sharedworker-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/urlpattern/urlpattern.https.any.worker-expected.txt:
* Source/WTF/wtf/URLParser.cpp:
(WTF::isForbiddenHostCodePoint):
(WTF::URLParser::isForbiddenHostCodePoint):
* Source/WTF/wtf/URLParser.h:
* Source/WebCore/Modules/url-pattern/URLPatternCanonical.cpp:
(WebCore::canonicalizeHostname):
Canonical link: https://commits.webkit.org/288927@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
