Closed Bug 727337 Opened 9 years ago Closed 9 years ago
Sanitizing HTMLSerializer allows invalid attributes by converting to ASCII
While looking at a change in bug 492931, bz noticed that mozSanitizingHTMLSerializer::IsAllowedAttribute() is returning false positives by lossily converting the UTF-16 attribute name to ASCII. Simply switching from the lossy conversion to a lossless UTF-16 to UTF-8 conversion should fix this, the extra non-ASCII characters making the attr_bag->Has() call fail. This patch applies on top of my patch in bug 492931, but it could easily be separated out.
Attachment #597271 - Flags: review?(bzbarsky)
Comment on attachment 597271 [details] [diff] [review] Switch to lossless (UTF-8) conversion to avoid false positives r=me. Good solution!
Attachment #597271 - Flags: review?(bzbarsky) → review+
Assignee: nobody → emanuel.hoogeveen
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
(In reply to Emanuel Hoogeveen from comment #0) > This patch applies on top of my patch in bug 492931, but it could easily be > separated out. Ah
Autoland Patchset: Patches: 597271 Branch: mozilla-central => try Error applying patch 597271 to mozilla-central. patching file content/base/src/mozSanitizingSerializer.cpp Hunk #1 FAILED at 549 1 out of 1 hunks FAILED -- saving rejects to file content/base/src/mozSanitizingSerializer.cpp.rej abort: patch failed to apply Could not apply and push patchset:
Sorry Ed, here's the patch split off from bug 492931. Carrying forward review+ as the refactoring itself is trivial and bz already looked at it once. Boris, let me know if that's not okay.
Comment on attachment 598483 [details] [diff] [review] Switch to lossless (UTF-8) conversion to avoid false positives https://tbpl.mozilla.org/?tree=Try&rev=9abfa93dc3d3 https://hg.mozilla.org/integration/mozilla-inbound/rev/9a6fcf299f29 :-)
Attachment #598483 - Flags: checkin?(bmo) → checkin+
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Target Milestone: mozilla13 → ---
You need to log in before you can comment on or make changes to this bug.