Closed
Bug 727337
Opened 12 years ago
Closed 12 years ago
mozSanitizingHTMLSerializer allows invalid attributes by converting to ASCII
Categories
(Core :: DOM: Core & HTML, defect)
Core
DOM: Core & HTML
Tracking
()
RESOLVED
FIXED
mozilla13
People
(Reporter: ehoogeveen, Assigned: ehoogeveen)
Details
Attachments
(1 file, 1 obsolete file)
|
1.07 KB,
patch
|
ehoogeveen
:
review+
emorley
:
checkin+
|
Details | Diff | Splinter Review |
While looking at a change in bug 492931, bz noticed that mozSanitizingHTMLSerializer::IsAllowedAttribute() is returning false positives by lossily converting the UTF-16 attribute name to ASCII. Simply switching from the lossy conversion to a lossless UTF-16 to UTF-8 conversion should fix this, the extra non-ASCII characters making the attr_bag->Has() call fail. This patch applies on top of my patch in bug 492931, but it could easily be separated out.
Attachment #597271 -
Flags: review?(bzbarsky)
|
Assignee | |
Updated•12 years ago
|
Hardware: x86_64 → All
|
||
Comment 1•12 years ago
|
||
Comment on attachment 597271 [details] [diff] [review] Switch to lossless (UTF-8) conversion to avoid false positives r=me. Good solution!
Attachment #597271 -
Flags: review?(bzbarsky) → review+
|
||
Updated•12 years ago
|
Assignee: nobody → emanuel.hoogeveen
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Keywords: checkin-needed
Whiteboard: [autoland-try]
|
||
Updated•12 years ago
|
Whiteboard: [autoland-try] → [autoland-in-queue]
|
|
||
Comment 2•12 years ago
|
||
(In reply to Emanuel Hoogeveen from comment #0) > This patch applies on top of my patch in bug 492931, but it could easily be > separated out. Ah
Keywords: checkin-needed
Whiteboard: [autoland-in-queue]
|
|
||
Comment 3•12 years ago
|
||
Autoland Patchset: Patches: 597271 Branch: mozilla-central => try Error applying patch 597271 to mozilla-central. patching file content/base/src/mozSanitizingSerializer.cpp Hunk #1 FAILED at 549 1 out of 1 hunks FAILED -- saving rejects to file content/base/src/mozSanitizingSerializer.cpp.rej abort: patch failed to apply Could not apply and push patchset:
|
|
Assignee | |
Comment 4•12 years ago
|
||
Sorry Ed, here's the patch split off from bug 492931. Carrying forward review+ as the refactoring itself is trivial and bz already looked at it once. Boris, let me know if that's not okay.
Attachment #597271 -
Attachment is obsolete: true
Attachment #598483 -
Flags: review+
Attachment #598483 -
Flags: checkin?(bmo)
|
|
||
Comment 5•12 years ago
|
||
Comment on attachment 598483 [details] [diff] [review] Switch to lossless (UTF-8) conversion to avoid false positives https://tbpl.mozilla.org/?tree=Try&rev=9abfa93dc3d3 https://hg.mozilla.org/integration/mozilla-inbound/rev/9a6fcf299f29 :-)
Attachment #598483 -
Flags: checkin?(bmo) → checkin+
|
|
||
Updated•12 years ago
|
Target Milestone: --- → mozilla13
|
|
||
Comment 6•12 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/9a6fcf299f29
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Updated•12 years ago
|
Target Milestone: --- → mozilla13
You need to log in
before you can comment on or make changes to this bug.
Description
•