Closed
Bug 1302991
Opened 5 years ago
Closed 6 months ago
Empty url()s should not load anything
Categories
(Core :: CSS Parsing and Computation, defect)
Tracking
()
RESOLVED
FIXED
87 Branch
People
(Reporter: sebo, Assigned: emilio)
References
Details
Attachments
(4 files)
CSS Values 3 says[1] this: > If the value of the url() is the empty string (like url("") or url()), the url > must resolve to an invalid resource (similar to what the url about:invalid does). Though Gecko currently causes a request for them, as shown in the attached test case. Sebastian [1] https://drafts.csswg.org/css-values-3/#url-empty
|
||
Comment 1•5 years ago
|
||
The right fix here is probably to make css::URLValueData::GetURI() skip the NS_NewURI call if the string is null and hence treat the situation just like we treat NS_NewURI failing (i.e. invalid URL).
Mentor: bzbarsky
| Comment hidden (mozreview-request) |
|
||
Comment 3•5 years ago
|
||
@Boris: It seems that I couldn't assign you as a reviewer because you aren't accepting any requests; please feel free to review it whenever you can. :)
Also, since I am not at all familiar with this part of the codebase, I am not entirely sure if the one check that I inserted will handle all the empty/null string cases. It does work for the attached testcase though (which is url() and not url("") or something else). We should probably lock this down using a test as well.
|
||
Updated•4 years ago
|
Priority: -- → P3
|
Reporter | |
Comment 4•4 years ago
|
||
Comment on attachment 8805310 [details] Bug 1302991 - Empty url()s should not load or request anything David, as Boris currently doesn't accept review requests, could you please do a review for this? Or forward the request to someone else, so this code doesn't bitrot?
Attachment #8805310 -
Flags: review?(dbaron)
|
|
Reporter | |
Updated•4 years ago
|
Assignee: nobody → sumi29
Status: NEW → ASSIGNED
|
||
Comment 5•4 years ago
|
||
| mozreview-review | ||
Comment on attachment 8805310 [details] Bug 1302991 - Empty url()s should not load or request anything https://reviewboard.mozilla.org/r/89054/#review177634 Two surface concerns are: * it's better not to call NS_ConvertUTF16toUTF8(nsCSSValue::GetBufferValue(mString)) twice; it should instead be put in a variable. * mURIResolved should be set to true even if it's the empty string, so we don't keep executing the code However, the bigger concern is what happens with stylo. I'm not sure whether this code will still be used for this once we enable stylo (layout.css.servo.enabled). There probably are also a few other cases that would need to be handled, since this code doesn't handle url() for @import rules or @namespace rules and maybe for some other case.
Attachment #8805310 -
Flags: review?(dbaron)
|
|
||
Comment 6•4 years ago
|
||
Given how long this has sat already, I think it's best to come back to this in a month or two once stylo settles down.
Flags: needinfo?(dbaron)
|
|
||
Comment 7•4 years ago
|
||
Makes sense - thanks for the review David. Let's revisit this after the dust from Stylo has settled down.
|
|
||
Comment 8•3 years ago
|
||
Stylo has settled down. Probably worth looking at this again. Sumit, are you still in a position to work on this?
Flags: needinfo?(sumi29)
|
|
Reporter | |
Comment 9•2 years ago
|
||
Sumit obviously wasn't active on Bugzilla for more than a year and didn't answer to Boris' request, therefore I reset the assignee now.
Sebastian
Assignee: sumi29 → nobody
Status: ASSIGNED → NEW
Flags: needinfo?(sumi29)
|
|
||
Updated•1 year ago
|
Mentor: bzbarsky
Priority: P3 → --
|
|
Reporter | |
Comment 10•6 months ago
|
||
Stylo has settled for quite some time now, so maybe this could be reprioritized now.
For what it's worth, there was an issue mentioned on Stack Overflow lately, which was caused by this.
Furthermore, Chromium has the same issue and also has a bug filed for it.
Sebastian
|
|
Reporter | |
Updated•6 months ago
|
Flags: needinfo?(emilio)
|
Assignee | |
Updated•6 months ago
|
Flags: needinfo?(emilio)
Flags: needinfo?(dbaron)
|
|
Assignee | |
Comment 11•6 months ago
|
||
No behavior change, but the new place seems more appropriate.
|
||
Updated•6 months ago
|
Assignee: nobody → emilio
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 12•6 months ago
|
||
So as to not try to load the same document as a subresource.
Depends on D103716
|
||
Comment 13•6 months ago
|
||
Pushed by ealvarez@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/fd4ba1eeec00 Move the check to prevent loading internal resources as images. r=dholbert https://hg.mozilla.org/integration/autoland/rev/e4734e2b38b6 Do not try to resolve empty CSS url values. r=dholbert
Created web-platform-tests PR https://github.com/web-platform-tests/wpt/pull/27472 for changes under testing/web-platform/tests
|
||
Comment 15•6 months ago
•
|
||
Backed out for causing failures on empty.html.
Backout link: https://hg.mozilla.org/integration/autoland/rev/45de327a70b9ffd1beb3c0cde2a551ffee58b0c7
Failure log: https://treeherder.mozilla.org/logviewer?job_id=328802766&repo=autoland&lineNumber=3814
Flags: needinfo?(emilio)
Upstream PR was closed without merging
|
|
||
Comment 18•6 months ago
|
||
Pushed by ealvarez@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/5785ba1a0aba Move the check to prevent loading internal resources as images. r=dholbert https://hg.mozilla.org/integration/autoland/rev/a2e7db8b9e98 Do not try to resolve empty CSS url values. r=dholbert
|
||
Comment 19•6 months ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/5785ba1a0aba
https://hg.mozilla.org/mozilla-central/rev/a2e7db8b9e98
Status: ASSIGNED → RESOLVED
Closed: 6 months ago
status-firefox87:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 87 Branch
Upstream PR merged by moz-wptsync-bot
|
||
Updated•6 months ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•