Open
Bug 725440
Opened 12 years ago
Updated 3 months ago
Filter strings script inserts into SVGStringList, and throw more
Categories
(Core :: SVG, defect)
Core
SVG
Tracking
()
NEW
People
(Reporter: jwatt, Unassigned)
Details
When the SVGStringList methods initialize(), insertItemBefore(), replaceItem() and appendItem() are used to insert bad things into a string list, we should really throw. After bug 724993's fix we'll throw for null and the empty string. We should: * probably also throw for strings containing whitespace (list items are supposed to be separated by whitespace, so allowing this breaks round-tripping) * maybe throw for strings containing any control characters, and maybe containing any non-ASCII characters? It would be handy if nsAString had a 'find_first_of'-like method to assist with this. Alternatively we could convert the nsAString to a C-string and use strpbrk. We should probably get the desired behavior clarified in the spec too.
Comment 1•12 years ago
|
||
systemLanguage is separated by commas, the others are space separated.
Reporter | ||
Comment 2•12 years ago
|
||
We can just add a flag to the stringListInfo (or somewhere) saying what's allowed. In the case of systemLanguage it seems like we'd want to ban commas too then.
Comment 3•12 years ago
|
||
we have a flag already but yes commas should not be allowed in systemLanguage
Comment 4•12 years ago
|
||
Sounds good to me. Filed https://www.w3.org/Graphics/SVG/WG/track/issues/2437 on the spec.
Updated•2 years ago
|
Severity: normal → S3
Comment 5•3 months ago
|
||
Filed an updated issue in the new tracker: https://github.com/w3c/svgwg/issues/930
You need to log in
before you can comment on or make changes to this bug.
Description
•