Skip to site navigation (Press enter)

[webkit-changes] [126488] trunk

commit-queue Thu, 23 Aug 2012 15:47:52 -0700

Title: [126488] trunk

Revision: 126488
Author: [email protected]
Date: 2012-08-23 15:48:25 -0700 (Thu, 23 Aug 2012)

Log Message

Trailing spaces in CSP source lists should not generate console warnings.
https://bugs.webkit.org/show_bug.cgi?id=94847


Patch by Mike West <[email protected]> on 2012-08-23
Reviewed by Adam Barth.

Trailing space after a valid source in a Content Security Policy source
list was accidentally generating console warnings about an invalid
(empty) source. This patch silently ignores trailing whitespace instead.

Source/WebCore:

A test-case has been added to 'source-list-parsing-02.html' to cover
this case.

* page/ContentSecurityPolicy.cpp:
(WebCore::CSPSourceList::parse):
    Return early if we reach the end of the source list after skipping
    leading whitespace.

LayoutTests:

* http/tests/security/contentSecurityPolicy/source-list-parsing-02-expected.txt:
* http/tests/security/contentSecurityPolicy/source-list-parsing-02.html:

Modified Paths

trunk/LayoutTests/ChangeLog
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-02-expected.txt
trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-02.html
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/page/ContentSecurityPolicy.cpp

Diff

Modified: trunk/LayoutTests/ChangeLog (126487 => 126488)


--- trunk/LayoutTests/ChangeLog	2012-08-23 22:37:38 UTC (rev 126487)
+++ trunk/LayoutTests/ChangeLog	2012-08-23 22:48:25 UTC (rev 126488)
@@ -1,3 +1,17 @@
+2012-08-23  Mike West  <[email protected]>
+
+        Trailing spaces in CSP source lists should not generate console warnings.
+        https://bugs.webkit.org/show_bug.cgi?id=94847
+
+        Reviewed by Adam Barth.
+
+        Trailing space after a valid source in a Content Security Policy source
+        list was accidentally generating console warnings about an invalid
+        (empty) source. This patch silently ignores trailing whitespace instead.
+
+        * http/tests/security/contentSecurityPolicy/source-list-parsing-02-expected.txt:
+        * http/tests/security/contentSecurityPolicy/source-list-parsing-02.html:
+
 2012-08-23  Kenneth Russell  <[email protected]>
 
         [Chromium] LayoutTests: css3/selector3/xml tests are flaky / have wrong expectations on Snow Leopard

Modified: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-02-expected.txt (126487 => 126488)


--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-02-expected.txt	2012-08-23 22:37:38 UTC (rev 126487)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-02-expected.txt	2012-08-23 22:48:25 UTC (rev 126488)
@@ -16,3 +16,8 @@
 Frame: '<!--framePath //<!--frame2-->-->'
 --------
 PASS
+
+--------
+Frame: '<!--framePath //<!--frame3-->-->'
+--------
+PASS

Modified: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-02.html (126487 => 126488)


--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-02.html	2012-08-23 22:37:38 UTC (rev 126487)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/source-list-parsing-02.html	2012-08-23 22:48:25 UTC (rev 126488)
@@ -6,7 +6,8 @@
 var tests = [
     ['yes', 'script-src\thttp://127.0.0.1:8000', 'resources/script.js'],
     ['yes', 'script-src http://127.0.0.1:8000   \t ', 'resources/script.js'],
-    ['yes', 'script-src http://127.0.0.1:* ', 'resources/script.js']
+    ['yes', 'script-src http://127.0.0.1:* ', 'resources/script.js'],
+    ['yes', 'script-src \'self\' chrome-extension-resource: ;', 'resources/script.js'],
 ];
 </script>
 </head>

Modified: trunk/Source/WebCore/ChangeLog (126487 => 126488)


--- trunk/Source/WebCore/ChangeLog	2012-08-23 22:37:38 UTC (rev 126487)
+++ trunk/Source/WebCore/ChangeLog	2012-08-23 22:48:25 UTC (rev 126488)
@@ -1,3 +1,22 @@
+2012-08-23  Mike West  <[email protected]>
+
+        Trailing spaces in CSP source lists should not generate console warnings.
+        https://bugs.webkit.org/show_bug.cgi?id=94847
+
+        Reviewed by Adam Barth.
+
+        Trailing space after a valid source in a Content Security Policy source
+        list was accidentally generating console warnings about an invalid
+        (empty) source. This patch silently ignores trailing whitespace instead.
+
+        A test-case has been added to 'source-list-parsing-02.html' to cover
+        this case.
+
+        * page/ContentSecurityPolicy.cpp:
+        (WebCore::CSPSourceList::parse):
+            Return early if we reach the end of the source list after skipping
+            leading whitespace.
+
 2012-08-23  Adam Barth  <[email protected]>
 
         [V8] OwnHandle is a bit of a misnomer

Modified: trunk/Source/WebCore/page/ContentSecurityPolicy.cpp (126487 => 126488)


--- trunk/Source/WebCore/page/ContentSecurityPolicy.cpp	2012-08-23 22:37:38 UTC (rev 126487)
+++ trunk/Source/WebCore/page/ContentSecurityPolicy.cpp	2012-08-23 22:48:25 UTC (rev 126488)
@@ -262,6 +262,9 @@
     bool isFirstSourceInList = true;
     while (position < end) {
         skipWhile<isASCIISpace>(position, end);
+        if (position == end)
+            return;
+
         const UChar* beginSource = position;
         skipWhile<isSourceCharacter>(position, end);

_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo/webkit-changes