Closed
Bug 977310
Opened 12 years ago
Closed 11 years ago
ASSERTION: Should have sanitized
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
RESOLVED
FIXED
mozilla30
People
(Reporter: tsmith, Assigned: jwatt)
References
Details
(Keywords: assertion, testcase)
Attachments
(2 files)
|
32 bytes,
text/html
|
Details | |
|
2.15 KB,
patch
|
smaug
:
review+
Sylvestre
:
approval-mozilla-aurora+
|
Details | Diff | Splinter Review |
###!!! ASSERTION: Should have sanitized: '!GetValueAsDecimal().isNaN()', file /builds/slave/m-in-l64-d-0000000000000000000/build/content/html/content/src/HTMLInputElement.cpp, line 6495
|
Reporter | |
Updated•12 years ago
|
|
||
Updated•12 years ago
|
Status: UNCONFIRMED → NEW
Ever confirmed: true
|
Assignee | |
Comment 1•12 years ago
|
||
This is happening because HTMLInputElement::HasBadInput is being called before HTMLInputElement::DoneCreatingElement has been called to sanitize. So this is probably harmless, but I'll dig into in a bit more tomorrow.
Assignee: nobody → jwatt
|
|
Assignee | |
Comment 2•12 years ago
|
||
Yes, this is harmless. HTMLInputElement::UpdateAllValidityStates will be called again under DoneCreatingElement, correctly updating the validity state.
The issue is caused by a pre-existing bug (introduced in bug 665655) whereby we update the validity states of HTMLInputElement before the parser has finished creating it. We shouldn't do that since it's a waste of cycles and liable to give the wrong result since other attributes that affect the validity may well not have been processed yet.
OS: Linux → All
Hardware: x86_64 → All
Version: 30 Branch → 29 Branch
|
|
Assignee | |
Comment 3•12 years ago
|
||
Attachment #8382866 -
Flags: review?(bugs)
|
|
Assignee | |
Comment 4•11 years ago
|
||
|
||
Updated•11 years ago
|
Attachment #8382866 -
Flags: review?(bugs) → review+
|
|
Assignee | |
Comment 5•11 years ago
|
||
|
||
Comment 6•11 years ago
|
||
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla30
|
|
Assignee | |
Comment 7•11 years ago
|
||
Comment on attachment 8382866 [details] [diff] [review]
patch
[Approval Request Comment]
Bug caused by (feature/regressing bug #): bug 827161
User impact if declined: nothing much, but get's rid of assertions that should be harmless
Testing completed (on m-c, etc.): been on m-c a few days
Risk to taking this patch (and alternatives if risky): very low
String or IDL/UUID changes made by this patch: none
Attachment #8382866 -
Flags: approval-mozilla-aurora?
|
||
Updated•11 years ago
|
status-firefox29:
--- → affected
status-firefox30:
--- → fixed
|
|
||
Updated•11 years ago
|
Attachment #8382866 -
Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
|
||
Comment 8•11 years ago
|
||
You need to log in
before you can comment on or make changes to this bug.
Description
•