Closed
Bug 285394
Opened 19 years ago
Closed 19 years ago
[FIX]Random 25-frame limit imposed on the length of a frameset spec
Categories
(Core :: Layout: Images, Video, and HTML Frames, defect, P2)
Tracking
()
RESOLVED
FIXED
mozilla1.8beta2
People
(Reporter: bzbarsky, Assigned: bzbarsky)
Details
Attachments
(2 files, 1 obsolete file)
386 bytes,
text/html
|
Details | |
12.47 KB,
patch
|
jst
:
review+
jst
:
superreview+
|
Details | Diff | Splinter Review |
We impose this random 25-frame limit on the length of a frameset spec (which makes a 625-frame limit on kids of a frameset, since you can specify both rows and cols, 25 of each; Michael, the WebSphere team may be interested in this tidbit to boost their frame counts by a factor of 25). The only reason we have this is that we're preallocating the array for these suckers. There's really no reason we have to do it that way.
Assignee | ||
Comment 1•19 years ago
|
||
Assignee | ||
Comment 2•19 years ago
|
||
Patch to fix. The change to nsAutoArrayPtr is not strictly needed; I can take that out. The rest is just using the counting we _already_ do to size the array of specs appropriately. Most of the changes are just s/aSpec/spec/ and s/aSpecs/specs/. There is a possible danger here of a page making us allocate a large array by having a specful of commas. Then again, it could also just dump oodles of HTML at us, so....
Attachment #176841 -
Flags: superreview?(jst)
Attachment #176841 -
Flags: review?(jst)
Assignee | ||
Comment 3•19 years ago
|
||
Attachment #176841 -
Attachment is obsolete: true
Attachment #176843 -
Flags: superreview?(jst)
Attachment #176843 -
Flags: review?(jst)
Assignee | ||
Updated•19 years ago
|
Attachment #176841 -
Flags: superreview?(jst)
Attachment #176841 -
Flags: superreview-
Attachment #176841 -
Flags: review?(jst)
Attachment #176841 -
Flags: review-
Assignee | ||
Updated•19 years ago
|
Priority: -- → P2
Summary: Random 25-frame limit imposed on the length of a frameset spec → [FIX]Random 25-frame limit imposed on the length of a frameset spec
Target Milestone: --- → mozilla1.8beta2
Comment 4•19 years ago
|
||
Comment on attachment 176843 [details] [diff] [review] Same, but remove gMaxNumRowColSpecs too. r+sr=jst, but it looks like this code could use less string copying and more string iterators. Wanna file a new bug on that, or squeeze it in here?
Attachment #176843 -
Flags: superreview?(jst)
Attachment #176843 -
Flags: superreview+
Attachment #176843 -
Flags: review?(jst)
Attachment #176843 -
Flags: review+
Assignee | ||
Comment 5•19 years ago
|
||
Looked through the code, but there's really no way to avoid the copying -- we need to copy to be able to use ToInteger() here... Therefore marking fixed (patch is in).
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Updated•6 years ago
|
Product: Core → Core Graveyard
Updated•6 years ago
|
Component: Layout: HTML Frames → Layout: Images
Product: Core Graveyard → Core
You need to log in
before you can comment on or make changes to this bug.
Description
•