<script xmlns="http://www.w3.org/1999/xhtml "> leaks namespace to younger siblings
VERIFIED
FIXED
Status
()
People
(Reporter: benjamin, Assigned: peterv)
Tracking
({fixed1.8})
Firefox Tracking Flags
(Not tracked)
Details
Attachments
(3 attachments)
|
238 bytes,
text/xml
|
Details | |
|
3.41 KB,
patch
|
bzbarsky
:
review+
bzbarsky
:
superreview+
asa
:
approval1.8rc1+
|
Details | Diff | Splinter Review |
|
256 bytes,
application/xml
|
Details |
See attached testcase, basically <element xmlns="1"> <script xmlns="xhtml" src="foo" /> <foo /> </element> Foo has the wrong namespace. Which ends up screwing some significant number of published SVG examples and a lot of mixed XHTML+SVG content.
|
(Reporter) | |
Comment 1•13 years ago
|
||
Created attachment 200350 [details]
Testcase
|
||
Comment 2•13 years ago
|
||
This regressed between 2004-12-15-06 and 2004-12-16-08, so looks like we somehow fail to pop off the default namespace after the expat landing...
|
|
(Reporter) | |
Updated•13 years ago
|
Flags: blocking1.8rc1?
|
|
||
Comment 3•13 years ago
|
||
At a guess, we're adding the namespace binding, then bailing out when we block, and never removing the binding... Perhaps this is xmlparse.c line 2324? We call the endElementHandler in line 2321, but we want to make it down to line 2341 before returning the error, no? Or do we not want to clear the tempPool here? We definitely want that loop over the bindings, I'd think.
|
(Assignee) | |
Comment 4•13 years ago
|
||
Created attachment 200359 [details] [diff] [review] v1 It's going to be hard for me to test this soon, so if anyone could verify that this fixes the problem I'd be grateful.
Attachment #200359 -
Flags: superreview?(bzbarsky)
Attachment #200359 -
Flags: review?(bzbarsky)
|
|
||
Comment 5•13 years ago
|
||
Created attachment 200363 [details]
Nonempty tag testcase|
|
||
Comment 6•13 years ago
|
||
Comment on attachment 200359 [details] [diff] [review] v1 Yeah, that fixes both testcases. r+sr=bzbarsky. Can you check this in, or do you want me to?
Attachment #200359 -
Flags: superreview?(bzbarsky)
Attachment #200359 -
Flags: superreview+
Attachment #200359 -
Flags: review?(bzbarsky)
Attachment #200359 -
Flags: review+
|
||
Comment 7•13 years ago
|
||
please land and verify on the trunk.
|
|
(Assignee) | |
Comment 8•13 years ago
|
||
If you could, I'm off for the night.
|
|
||
Comment 9•13 years ago
|
||
Fixed on trunk.
Status: NEW → RESOLVED
Last Resolved: 13 years ago
Resolution: --- → FIXED
|
|
||
Comment 10•13 years ago
|
||
Comment on attachment 200359 [details] [diff] [review] v1 Requesting 1.8 branch approval. This is a pretty serious regression in our XML parsing. The fix is pretty safe -- just move our early returns to be not quite so early to allow expat to pop the namespaces associated with the just-closed element.
Attachment #200359 -
Flags: approval1.8rc1?
|
|
(Reporter) | |
Comment 11•13 years ago
|
||
Verified fixed on trunk, we should definitely take this on branch.
Status: RESOLVED → VERIFIED
|
|
||
Updated•13 years ago
|
Attachment #200359 -
Flags: approval1.8rc1? → approval1.8rc1+
|
|
(Assignee) | |
Comment 12•13 years ago
|
||
Checked in on branch. Thanks bz for your help.
Keywords: fixed1.8
|
|
||
Updated•13 years ago
|
Flags: blocking1.8rc1?
You need to log in
before you can comment on or make changes to this bug.
Description
•