<script href=""> probably shouldn't try to re-parse our document as JS (likewise for <svg:script xlink:href="">)

NEW
Unassigned

Core
DOM
6 years ago
6 years ago

People

(Reporter: dholbert, Unassigned)

(Reporter)

Description

6 years ago
The fix for bug 528444 just landed, which changed our behavior on content like:
>  <svg:script xlink:href="">
>    alert("FAIL");
>  </svg:script>

Previously, we treated that as if xlink:href weren't set at all.  But now we:
 (a) resolve "" as "this document's URI", and attempt (& fail) to reparse the document as javascript
 (b) ignore the inline script, since xlink:href is set

Per bug 528444 comment 1 and bug 528444 comment 16, we definitely want part "b" (ignore inline script) but we don't necessarily want part "a". (for consistency with our HTML behavior, and also because it's almost certainly not what the author wants/expects)

I'm filing this bug on possibly removing part "a" above.
This *is* consistent with our current html behaviour.

void
nsHTMLScriptElement::FreezeUriAsyncDefer()
{
  if (mFrozen) {
    return;
  }
  
  // variation of this code in nsSVGScriptElement - check if changes
  // need to be transfered when modifying
  if (HasAttr(kNameSpaceID_None, nsGkAtoms::src)) {
...

bool
nsHTMLScriptElement::HasScriptContent()
{
  return (mFrozen ? mExternal : HasAttr(kNameSpaceID_None, nsGkAtoms::src)) ||
         nsContentUtils::HasNonEmptyTextContent(this);
}

If it needs fixing then it needs fixing for both SVG and html at the same time and this shouldn't be an SVG bug but some general content bug I expect.
(Reporter)

Comment 2

6 years ago
OK -- Jonas, so by
> we have moved towards letting <someelement src=""> not load anything.
I take it you meant "we're moving in that direction but haven't made that change for html:script yet"?

(and if so, could you suggest a new component for this bug to live in, to be about both html:script and svg:script?)
We already did it for images; perhaps that's what Jonas was thinking of.
Yeah, it appears we haven't done this for HTML script elements yet. Feel free to do those in this bug too.

Note that we'll want to mark the script as "executed" even if it just has an empty src attribute. So the place to fix this is likely somewhere here:

http://mxr.mozilla.org/mozilla-central/source/content/html/content/src/nsHTMLScriptElement.cpp?force=1#306

where it should set mUri to null.
(Reporter)

Updated

6 years ago
Component: SVG → DOM
QA Contact: general → general
(Reporter)

Updated

6 years ago
Summary: SVG <script xlink:href=""> probably shouldn't try to re-parse our document as JS → <script href=""> probably shouldn't try to re-parse our document as JS (likewise for <svg:script xlink:href="")
(Reporter)

Updated

6 years ago
Summary: <script href=""> probably shouldn't try to re-parse our document as JS (likewise for <svg:script xlink:href="") → <script href=""> probably shouldn't try to re-parse our document as JS (likewise for <svg:script xlink:href="">)
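
Added example, not part of the bug thread and not Gecko code: a small JavaScript model of the behaviour discussed above, showing that an empty src/xlink:href resolves to the document's own URI (which is why the document gets requested again as a script) and how the proposed handling differs. The function names, result fields, policy labels and the sample document URI are all assumptions made for illustration.

```javascript
// Illustrative model only; planScript() and its result fields are hypothetical.

// An empty reference resolves to the base (document) URI minus its fragment,
// per standard URL resolution.
function resolveScriptURI(ref, documentURI) {
  return new URL(ref, documentURI).href;
}

// attrs.src is undefined when the attribute is absent, "" when set but empty.
// policy "current":  behaviour described in the bug description
// policy "proposed": empty attribute loads nothing, inline text still ignored
function planScript(attrs, inlineText, documentURI, policy) {
  const hasSrc = attrs.src !== undefined;
  if (!hasSrc) {
    // No external reference: inline text runs if there is any.
    const hasInline = inlineText !== "";
    return { action: hasInline ? "run-inline" : "nothing",
             uri: null, markedExecuted: hasInline };
  }
  if (policy === "proposed" && attrs.src === "") {
    // Part "b" kept (inline ignored), part "a" dropped (no fetch):
    // the URI stays null and the element still counts as executed.
    return { action: "nothing", uri: null, markedExecuted: true };
  }
  // Attribute set: inline text is ignored and the resolved URI is fetched.
  return { action: "fetch",
           uri: resolveScriptURI(attrs.src, documentURI),
           markedExecuted: true };
}

// Constructed sample values; the inline body mirrors the bug description.
const DOC = "https://example.test/doc.svg?v=1#top";
const INLINE = 'alert("FAIL");';

function demo() {
  return {
    current: planScript({ src: "" }, INLINE, DOC, "current"),
    proposed: planScript({ src: "" }, INLINE, DOC, "proposed"),
    noAttr: planScript({}, INLINE, DOC, "proposed"),
    normal: planScript({ src: "lib.js" }, INLINE, DOC, "proposed"),
  };
}

console.log(demo());
```

A server-side log check for this condition is a script-destination request whose URL equals the referring document's URL.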