Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-28 15:23:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1299373. Scripts with an empty src attribute should not execute. r=bkelly

Browse Source
This commit is contained in:
Boris Zbarsky 2016-09-07 14:21:36 -04:00
parent 4e2656ef99
commit e664d8bcd3
5 changed files with 21 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
dom/html/HTMLScriptElement.cpp
View File

@ -139,6 +139,10 @@ HTMLScriptElement::SetText(const nsAString& aValue, ErrorResult& rv)
NS_IMPL_STRING_ATTR(HTMLScriptElement, Charset, charset)
NS_IMPL_BOOL_ATTR(HTMLScriptElement, Defer, defer)
// If this ever gets changed to return "" if the attr value is "" (see
// https://github.com/whatwg/html/issues/1739 for why it might not get changed),
// it may be worth it to use GetSrc instead of GetAttr and manual
// NewURIWithDocumentCharset in FreezeUriAsyncDefer.
NS_IMPL_URI_ATTR(HTMLScriptElement, Src, src)
NS_IMPL_STRING_ATTR(HTMLScriptElement, Type, type)
NS_IMPL_STRING_ATTR(HTMLScriptElement, HtmlFor, _for)
@ -270,11 +274,17 @@ HTMLScriptElement::FreezeUriAsyncDefer()
}
// variation of this code in nsSVGScriptElement - check if changes
// need to be transfered when modifying
if (HasAttr(kNameSpaceID_None, nsGkAtoms::src)) {
nsAutoString src;
GetSrc(src);
NS_NewURI(getter_AddRefs(mUri), src);
// need to be transfered when modifying. Note that we don't use GetSrc here
// because it will return the base URL when the attr value is "".
nsAutoString src;
if (GetAttr(kNameSpaceID_None, nsGkAtoms::src, src)) {
// Empty src should be treated as invalid URL.
if (!src.IsEmpty()) {
nsCOMPtr<nsIURI> baseURI = GetBaseURI();
nsContentUtils::NewURIWithDocumentCharset(getter_AddRefs(mUri),
src, OwnerDoc(), baseURI);
}
// At this point mUri will be null for invalid URLs.
mExternal = true;

8
dom/svg/SVGScriptElement.cpp
View File

@ -154,8 +154,12 @@ SVGScriptElement::FreezeUriAsyncDefer()
mStringAttributes[XLINK_HREF].GetAnimValue(src, this);
}
nsCOMPtr<nsIURI> baseURI = GetBaseURI();
NS_NewURI(getter_AddRefs(mUri), src, nullptr, baseURI);
// Empty src should be treated as invalid URL.
if (!src.IsEmpty()) {
nsCOMPtr<nsIURI> baseURI = GetBaseURI();
NS_NewURI(getter_AddRefs(mUri), src, nullptr, baseURI);
}
// At this point mUri will be null for invalid URLs.
mExternal = true;
}

5
testing/web-platform/meta/html/semantics/scripting-1/the-script-element/fetch-src/empty-with-base.html.ini
View File

@ -1,5 +0,0 @@
[empty-with-base.html]
type: testharness
[Script src with an empty URL]
expected: FAIL

5
testing/web-platform/meta/html/semantics/scripting-1/the-script-element/fetch-src/empty.html.ini
View File

@ -1,5 +0,0 @@
[empty.html]
type: testharness
[Script src with an empty URL]
expected: FAIL

3
testing/web-platform/meta/old-tests/submission/Opera/script_scheduling/137.html.ini
View File

@ -1,3 +0,0 @@
[137.html]
type: testharness
expected: ERROR