Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 2706eb5a681558f5385b06356786b694a9a8c36e
      
https://github.com/WebKit/WebKit/commit/2706eb5a681558f5385b06356786b694a9a8c36e
  Author: Ahmad Saleem <[email protected]>
  Date:   2026-07-05 (Sun, 05 Jul 2026)

  Changed paths:
    M Source/WebCore/page/SecurityOrigin.cpp

  Log Message:
  -----------
  Remove dead decodeURLEscapeSequences() call in SecurityOrigin::create()
https://bugs.webkit.org/show_bug.cgi?id=318606
rdar://181402358

Reviewed by Alan Baradlay.

SecurityOrigin::create(protocol, host, port) computed a `decodedHost`
local via PAL::decodeURLEscapeSequences(host) but never used it: the URL
was built from the raw `host` instead. The value has been discarded
since the local was introduced, with no observed effect, because
URLParser::parseHostAndPort() already percent-decodes (and applies IDNA
to) the host component for special schemes. Manually pre-decoding and
re-embedding the host into a string to be reparsed would in fact be
incorrect -- e.g. a "%2F" host would decode to "/" and corrupt the
authority -- so deferring decoding to the URL parser is the correct
behavior.

Delete the dead store and the now-unused <pal/text/TextEncoding.h>
include. No change in behavior.

* Source/WebCore/page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::create):

Canonical link: https://commits.webkit.org/316527@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications

Reply via email to