[SCM] WebKit Debian packaging branch, webkit-1.1, updated. upstream/1.1.15.1-1414-gc69ee75
weinig at apple.com
weinig at apple.com
Thu Oct 29 20:43:34 UTC 2009
The following commit has been merged in the webkit-1.1 branch:
commit 5ed4ef06416c090523a99a8adc2d264413e301c0
Author: weinig at apple.com <weinig at apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Tue Oct 13 00:47:41 2009 +0000
Fix for https://bugs.webkit.org/show_bug.cgi?id=29078
<rdar://problem/7288221>
Reviewed by Darin Adler.
WebCore:
Add a mechanism to blacklist certain codecs. Initially, just blacklist UTF-7 as HTML5 encourages.
* platform/text/TextEncodingRegistry.cpp:
(WebCore::pruneBlacklistedCodecs):
(WebCore::buildBaseTextCodecMaps):
(WebCore::extendTextCodecMaps):
LayoutTests:
Test the lack of UTF-7 support. Remove old UTF-7 tests.
* fast/encoding/char-decoding-expected.txt:
* fast/encoding/char-decoding.html:
* http/tests/misc/submit-get-in-utf7-expected.txt: Removed.
* http/tests/misc/submit-get-in-utf7.html: Removed.
* http/tests/misc/submit-post-in-utf7-expected.txt: Removed.
* http/tests/misc/submit-post-in-utf7.html: Removed.
* http/tests/misc/url-in-utf7-expected.txt: Removed.
* http/tests/misc/url-in-utf7.html: Removed.
* http/tests/security/xssAuditor/http-equiv-utf-7-encoded-expected.txt: Removed.
* http/tests/security/xssAuditor/http-equiv-utf-7-encoded.html: Removed.
* http/tests/security/xssAuditor/resources/echo-intertag-utf-7.pl: Removed.
* http/tests/security/xssAuditor/script-tag-utf-7-encoded-expected.txt: Removed.
* http/tests/security/xssAuditor/script-tag-utf-7-encoded.html: Removed.
* http/tests/security/xssAuditor/script-tag-utf-7-expected.txt: Removed.
* http/tests/security/xssAuditor/script-tag-utf-7.html: Removed.
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@49487 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index 67509d5..c09a103 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,28 @@
+2009-10-12 Sam Weinig <sam at webkit.org>
+
+ Reviewed by Darin Adler.
+
+ Fix for https://bugs.webkit.org/show_bug.cgi?id=29078
+ <rdar://problem/7288221>
+
+ Test the lack of UTF-7 support. Remove old UTF-7 tests.
+
+ * fast/encoding/char-decoding-expected.txt:
+ * fast/encoding/char-decoding.html:
+ * http/tests/misc/submit-get-in-utf7-expected.txt: Removed.
+ * http/tests/misc/submit-get-in-utf7.html: Removed.
+ * http/tests/misc/submit-post-in-utf7-expected.txt: Removed.
+ * http/tests/misc/submit-post-in-utf7.html: Removed.
+ * http/tests/misc/url-in-utf7-expected.txt: Removed.
+ * http/tests/misc/url-in-utf7.html: Removed.
+ * http/tests/security/xssAuditor/http-equiv-utf-7-encoded-expected.txt: Removed.
+ * http/tests/security/xssAuditor/http-equiv-utf-7-encoded.html: Removed.
+ * http/tests/security/xssAuditor/resources/echo-intertag-utf-7.pl: Removed.
+ * http/tests/security/xssAuditor/script-tag-utf-7-encoded-expected.txt: Removed.
+ * http/tests/security/xssAuditor/script-tag-utf-7-encoded.html: Removed.
+ * http/tests/security/xssAuditor/script-tag-utf-7-expected.txt: Removed.
+ * http/tests/security/xssAuditor/script-tag-utf-7.html: Removed.
+
2009-10-12 Dan Bernstein <mitz at apple.com>
Reviewed by Simon Fraser.
diff --git a/LayoutTests/fast/encoding/char-decoding-expected.txt b/LayoutTests/fast/encoding/char-decoding-expected.txt
index c4faf78..8699b98 100644
--- a/LayoutTests/fast/encoding/char-decoding-expected.txt
+++ b/LayoutTests/fast/encoding/char-decoding-expected.txt
@@ -153,6 +153,8 @@ PASS decode('dos-874', '%96') is 'U+2013'
PASS decode('dos-874', '%A0') is 'U+00A0'
PASS decode('dos-874', '%A1') is 'U+0E01'
PASS decode('dos-874', '%DB') is 'U+F8C1'
+PASS decode('UTF-7', '+AD4') is 'U+002B'
+PASS decode('utf-7', '+AD4') is 'U+002B'
PASS successfullyParsed is true
TEST COMPLETE
diff --git a/LayoutTests/fast/encoding/char-decoding.html b/LayoutTests/fast/encoding/char-decoding.html
index 118dad0..f17fc0e 100644
--- a/LayoutTests/fast/encoding/char-decoding.html
+++ b/LayoutTests/fast/encoding/char-decoding.html
@@ -83,6 +83,12 @@ var thai = {
batchTestDecode(thai);
+// UTF-7 is expressly forbidden, so decoding it should not work correctly.
+// This attempts to decode '<' as UTF-7 (+AD4) but it ends up being decoded
+// as a '+'.
+testDecode('UTF-7', '+AD4', 'U+002B');
+testDecode('utf-7', '+AD4', 'U+002B');
+
successfullyParsed = true;
</script>
diff --git a/LayoutTests/http/tests/misc/submit-get-in-utf7-expected.txt b/LayoutTests/http/tests/misc/submit-get-in-utf7-expected.txt
deleted file mode 100644
index 379ba4d..0000000
--- a/LayoutTests/http/tests/misc/submit-get-in-utf7-expected.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-This test is for bug 21635. The query parameter in non-UTF-8 Unicode pages (UTF-7,16,32) should be converted to UTF-8 before a request is made to a server.
-
-SUCCESS: query param is converted to UTF-8
diff --git a/LayoutTests/http/tests/misc/submit-get-in-utf7.html b/LayoutTests/http/tests/misc/submit-get-in-utf7.html
deleted file mode 100644
index 56924d6..0000000
--- a/LayoutTests/http/tests/misc/submit-get-in-utf7.html
+++ /dev/null
@@ -1,22 +0,0 @@
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-7">
-<script>
-if (window.layoutTestController) {
- layoutTestController.waitUntilDone();
- layoutTestController.dumpAsText();
-}
-
-function clickf()
-{
- document.f.submit();
- return true;
-}
-</script>
-</head>
-<body onload="clickf()">
-<form name="f" action="resources/check-query-param.php" method="get">
-<input name="q" type="text" value="™十">
-</form>
-</body>
-</html>
diff --git a/LayoutTests/http/tests/misc/submit-post-in-utf7-expected.txt b/LayoutTests/http/tests/misc/submit-post-in-utf7-expected.txt
deleted file mode 100644
index 379ba4d..0000000
--- a/LayoutTests/http/tests/misc/submit-post-in-utf7-expected.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-This test is for bug 21635. The query parameter in non-UTF-8 Unicode pages (UTF-7,16,32) should be converted to UTF-8 before a request is made to a server.
-
-SUCCESS: query param is converted to UTF-8
diff --git a/LayoutTests/http/tests/misc/submit-post-in-utf7.html b/LayoutTests/http/tests/misc/submit-post-in-utf7.html
deleted file mode 100644
index 8f925a9..0000000
--- a/LayoutTests/http/tests/misc/submit-post-in-utf7.html
+++ /dev/null
@@ -1,22 +0,0 @@
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-7">
-<script>
-if (window.layoutTestController) {
- layoutTestController.waitUntilDone();
- layoutTestController.dumpAsText();
-}
-
-function clickf()
-{
- document.f.submit();
- return true;
-}
-</script>
-</head>
-<body onload="clickf()">
-<form name="f" action="resources/check-query-param.php" method="post">
-<input name="q" type="text" value="™十">
-</form>
-</body>
-</html>
diff --git a/LayoutTests/http/tests/misc/url-in-utf7-expected.txt b/LayoutTests/http/tests/misc/url-in-utf7-expected.txt
deleted file mode 100644
index 1bfaaba..0000000
--- a/LayoutTests/http/tests/misc/url-in-utf7-expected.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-This test is for bug 21635. The query parameter in non-UTF-8 Unicode pages (UTF-7,16,32) should be converted to UTF-8 before a request is made to a server.
-SUCCESS: query param is converted to UTF-8
diff --git a/LayoutTests/http/tests/misc/url-in-utf7.html b/LayoutTests/http/tests/misc/url-in-utf7.html
deleted file mode 100644
index ba5d064..0000000
--- a/LayoutTests/http/tests/misc/url-in-utf7.html
+++ /dev/null
@@ -1,31 +0,0 @@
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-7">
-<script>
-if (window.layoutTestController) {
- layoutTestController.dumpAsText()
- layoutTestController.waitUntilDone();
-}
-
-function runTest()
-{
- var f = document.getElementById('theFrame');
- var r = document.getElementById('result');
- var o = f.contentDocument.getElementById('output').firstChild;
- if (o.nodeValue == '+AFw-u2122+AFw-u5341')
- r.innerHTML = "SUCCESS: query param is converted to UTF-8";
- else
- r.innerHTML = "FAILURE: query param is not converted to UTF-8. value=" +-
- o.nodeValue;
-
- if (window.layoutTestController)
- layoutTestController.notifyDone();
-}
-</script>
-</head>
-<body onload="runTest()">
-<iframe style="display: none;" id="theFrame" src="resources/echo-query-param.php?q=™十"></iframe>
-<div>This test is for <a href="https://bugs.webkit.org/show_bug.cgi?id=21635">bug 21635</a>. The query parameter in non-UTF-8 Unicode pages (UTF-7,16,32)
-should be converted to UTF-8 before a request is made to a server.
-<div id="result"></div>
-</html>
diff --git a/LayoutTests/http/tests/security/xssAuditor/http-equiv-utf-7-encoded-expected.txt b/LayoutTests/http/tests/security/xssAuditor/http-equiv-utf-7-encoded-expected.txt
deleted file mode 100644
index 513e2f8..0000000
--- a/LayoutTests/http/tests/security/xssAuditor/http-equiv-utf-7-encoded-expected.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
-
-
diff --git a/LayoutTests/http/tests/security/xssAuditor/http-equiv-utf-7-encoded.html b/LayoutTests/http/tests/security/xssAuditor/http-equiv-utf-7-encoded.html
deleted file mode 100644
index c2474c0..0000000
--- a/LayoutTests/http/tests/security/xssAuditor/http-equiv-utf-7-encoded.html
+++ /dev/null
@@ -1,15 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-<script>
-if (window.layoutTestController) {
- layoutTestController.dumpAsText();
- layoutTestController.setXSSAuditorEnabled(true);
-}
-</script>
-</head>
-<body>
-<iframe src='http://localhost:8000/security/xssAuditor/resources/echo-intertag-default-encode.pl?q=%3Cmeta+http-equiv%3D%22Content-Type%22+content%3D%22text/html%3B+charset%3DUTF-7%22/%3E%2BADwAcwBjAHIAaQBwAHQAPgBhAGwAZQByAHQAKAAxACkAPAAvAHMAYwByAGkAcAB0AD4-'>
-</iframe>
-</body>
-</html>
\ No newline at end of file
diff --git a/LayoutTests/http/tests/security/xssAuditor/resources/echo-intertag-utf-7.pl b/LayoutTests/http/tests/security/xssAuditor/resources/echo-intertag-utf-7.pl
deleted file mode 100755
index 07a95ae..0000000
--- a/LayoutTests/http/tests/security/xssAuditor/resources/echo-intertag-utf-7.pl
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/usr/bin/perl -wT
-use strict;
-use CGI;
-
-my $cgi = new CGI;
-
-print "Content-Type: text/html; charset=UTF-7\n\n";
-
-print "<!DOCTYPE html>\n";
-print "<html>\n";
-print "<body>\n";
-print $cgi->param('q');
-print "</body>\n";
-print "</html>\n";
diff --git a/LayoutTests/http/tests/security/xssAuditor/script-tag-utf-7-encoded-expected.txt b/LayoutTests/http/tests/security/xssAuditor/script-tag-utf-7-encoded-expected.txt
deleted file mode 100644
index 513e2f8..0000000
--- a/LayoutTests/http/tests/security/xssAuditor/script-tag-utf-7-encoded-expected.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
-
-
diff --git a/LayoutTests/http/tests/security/xssAuditor/script-tag-utf-7-encoded.html b/LayoutTests/http/tests/security/xssAuditor/script-tag-utf-7-encoded.html
deleted file mode 100644
index 3b0164c..0000000
--- a/LayoutTests/http/tests/security/xssAuditor/script-tag-utf-7-encoded.html
+++ /dev/null
@@ -1,15 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-<script>
-if (window.layoutTestController) {
- layoutTestController.dumpAsText();
- layoutTestController.setXSSAuditorEnabled(true);
-}
-</script>
-</head>
-<body>
-<iframe src='http://localhost:8000/security/xssAuditor/resources/echo-intertag-utf-7.pl?q=%2bADwAcwBjAHIAaQBwAHQAPgBhAGwAZQByAHQAKAAxACkAPAAvAHMAYwByAGkAcAB0AD4-'>
-</iframe>
-</body>
-</html>
\ No newline at end of file
diff --git a/LayoutTests/http/tests/security/xssAuditor/script-tag-utf-7-expected.txt b/LayoutTests/http/tests/security/xssAuditor/script-tag-utf-7-expected.txt
deleted file mode 100644
index 513e2f8..0000000
--- a/LayoutTests/http/tests/security/xssAuditor/script-tag-utf-7-expected.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
-
-
diff --git a/LayoutTests/http/tests/security/xssAuditor/script-tag-utf-7.html b/LayoutTests/http/tests/security/xssAuditor/script-tag-utf-7.html
deleted file mode 100644
index 1db5b7f..0000000
--- a/LayoutTests/http/tests/security/xssAuditor/script-tag-utf-7.html
+++ /dev/null
@@ -1,15 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-<script>
-if (window.layoutTestController) {
- layoutTestController.dumpAsText();
- layoutTestController.setXSSAuditorEnabled(true);
-}
-</script>
-</head>
-<body>
-<iframe src="http://localhost:8000/security/xssAuditor/resources/echo-intertag-utf-7.pl?q=%2BAD4-%2BADw-script%2BAD4-alert(/XSS/)%2BADw-/script%2BAD4-">
-</iframe>
-</body>
-</html>
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index 2e894d2..27008d7 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,17 @@
+2009-10-12 Sam Weinig <sam at webkit.org>
+
+ Reviewed by Darin Adler.
+
+ Fix for https://bugs.webkit.org/show_bug.cgi?id=29078
+ <rdar://problem/7288221>
+
+ Add a mechanism to blacklist certain codecs. Initially, just blacklist UTF-7 as HTML5 encourages.
+
+ * platform/text/TextEncodingRegistry.cpp:
+ (WebCore::pruneBlacklistedCodecs):
+ (WebCore::buildBaseTextCodecMaps):
+ (WebCore::extendTextCodecMaps):
+
2009-10-09 Dave Hyatt <hyatt at apple.com>
Reviewed by Darin Adler.
diff --git a/WebCore/platform/text/TextEncodingRegistry.cpp b/WebCore/platform/text/TextEncodingRegistry.cpp
index 5d82511..d3e2965 100644
--- a/WebCore/platform/text/TextEncodingRegistry.cpp
+++ b/WebCore/platform/text/TextEncodingRegistry.cpp
@@ -129,6 +129,10 @@ static TextEncodingNameMap* textEncodingNameMap;
static TextCodecMap* textCodecMap;
static bool didExtendTextCodecMaps;
+static const char* const textEncodingNameBlacklist[] = {
+ "UTF-7"
+};
+
#if ERROR_DISABLED
static inline void checkExistingName(const char*, const char*) { }
@@ -171,6 +175,30 @@ static void addToTextCodecMap(const char* name, NewTextCodecFunction function, c
textCodecMap->add(atomicName, TextCodecFactory(function, additionalData));
}
+static void pruneBlacklistedCodecs()
+{
+ size_t blacklistedCodecListLength = sizeof(textEncodingNameBlacklist) / sizeof(textEncodingNameBlacklist[0]);
+ for (size_t i = 0; i < blacklistedCodecListLength; ++i) {
+ const char* atomicName = textEncodingNameMap->get(textEncodingNameBlacklist[i]);
+ if (!atomicName)
+ continue;
+
+ Vector<const char*> names;
+ TextEncodingNameMap::const_iterator it = textEncodingNameMap->begin();
+ TextEncodingNameMap::const_iterator end = textEncodingNameMap->end();
+ for (; it != end; ++it) {
+ if (it->second == atomicName)
+ names.append(it->first);
+ }
+
+ size_t length = names.size();
+ for (size_t j = 0; j < length; ++j)
+ textEncodingNameMap->remove(names[j]);
+
+ textCodecMap->remove(atomicName);
+ }
+}
+
static void buildBaseTextCodecMaps()
{
ASSERT(isMainThread());
@@ -221,6 +249,8 @@ static void extendTextCodecMaps()
TextCodecWince::registerExtendedEncodingNames(addToTextEncodingNameMap);
TextCodecWince::registerExtendedCodecs(addToTextCodecMap);
#endif
+
+ pruneBlacklistedCodecs();
}
PassOwnPtr<TextCodec> newTextCodec(const TextEncoding& encoding)
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list