[SCM] WebKit Debian packaging branch, debian/experimental, updated. upstream/1.3.3-9427-gc2be6fc
commit-queue at webkit.org
commit-queue at webkit.org
Wed Dec 22 13:40:51 UTC 2010
The following commit has been merged in the debian/experimental branch:
commit 3a715701158049d0ef4652a4aefcc2ffc754cc93
Author: commit-queue at webkit.org <commit-queue at webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Thu Sep 23 06:59:01 2010 +0000
2010-09-22 Luke Macpherson <macpherson at chromium.org>
Reviewed by Alexey Proskuryakov.
Don't allow empty strings as tokens in xmlhttprequest, as per rfc2616 section 2.2.
XMLHttpRequest: setRequestHeader() does not throw SYNTAX_ERR exception if the header field name is empty
https://bugs.webkit.org/show_bug.cgi?id=46151
Test: http/tests/xmlhttprequest/xmlhttprequest-setrequestheader-no-name.html
* xml/XMLHttpRequest.cpp:
(WebCore::isValidToken):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@68124 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-open-empty-method-expected.txt b/LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-open-empty-method-expected.txt
new file mode 100644
index 0000000..533fad2
--- /dev/null
+++ b/LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-open-empty-method-expected.txt
@@ -0,0 +1,3 @@
+Test that open throws a SYNTAX_ERR exception when called with an empty method.
+
+SUCCESS: got exception Error: SYNTAX_ERR: DOM Exception 12
diff --git a/LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-open-empty-method.html b/LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-open-empty-method.html
new file mode 100644
index 0000000..8b4b966
--- /dev/null
+++ b/LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-open-empty-method.html
@@ -0,0 +1,19 @@
+<html>
+<body>
+<p>Test that open throws a SYNTAX_ERR exception when called with an empty method.</p>
+<pre id="result">FAIL: script didn't run or raised an unexpected exception.</pre>
+<script>
+ if (window.layoutTestController)
+ layoutTestController.dumpAsText();
+
+ var result = "FAIL: no exception was caught";
+ var req = new XMLHttpRequest;
+ try {
+ req.open("", "resources/print-headers.cgi", false);
+ } catch (ex) {
+ result = "SUCCESS: got exception " + ex;
+ }
+ document.getElementById("result").textContent = result;
+</script>
+</body>
+</html>
diff --git a/LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-setrequestheader-no-name-expected.txt b/LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-setrequestheader-no-name-expected.txt
new file mode 100644
index 0000000..0403af4
--- /dev/null
+++ b/LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-setrequestheader-no-name-expected.txt
@@ -0,0 +1,3 @@
+Test that setRequestHeader throws a SYNTAX_ERR exception when called with an empty header name.
+
+SUCCESS: got exception Error: SYNTAX_ERR: DOM Exception 12
diff --git a/LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-setrequestheader-no-name.html b/LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-setrequestheader-no-name.html
new file mode 100644
index 0000000..0ce4c8f
--- /dev/null
+++ b/LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-setrequestheader-no-name.html
@@ -0,0 +1,21 @@
+<html>
+<body>
+<p>Test that setRequestHeader throws a SYNTAX_ERR exception when called with an empty header name.</p>
+<pre id="result">FAIL: script didn't run or raised an unexpected exception.</pre>
+<script>
+ if (window.layoutTestController)
+ layoutTestController.dumpAsText();
+
+ var result = "FAIL: no exception was caught";
+ var req = new XMLHttpRequest;
+ req.open("GET", "resources/print-headers.cgi", false);
+
+ try {
+ req.setRequestHeader("", "DUMMY");
+ } catch (ex) {
+ result = "SUCCESS: got exception " + ex;
+ }
+ document.getElementById("result").textContent = result;
+</script>
+</body>
+</html>
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index a081caa..c1cffb6 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,17 @@
+2010-09-22 Luke Macpherson <macpherson at chromium.org>
+
+ Reviewed by Alexey Proskuryakov.
+
+ Don't allow empty strings as tokens in xmlhttprequest, as per rfc2616 section 2.2.
+
+ XMLHttpRequest: setRequestHeader() does not throw SYNTAX_ERR exception if the header field name is empty
+ https://bugs.webkit.org/show_bug.cgi?id=46151
+
+ Test: http/tests/xmlhttprequest/xmlhttprequest-setrequestheader-no-name.html
+
+ * xml/XMLHttpRequest.cpp:
+ (WebCore::isValidToken):
+
2010-09-22 Kwang Yul Seo <skyul at company100.net>
Reviewed by Adam Barth.
diff --git a/WebCore/xml/XMLHttpRequest.cpp b/WebCore/xml/XMLHttpRequest.cpp
index 9c7d076..07a816d 100644
--- a/WebCore/xml/XMLHttpRequest.cpp
+++ b/WebCore/xml/XMLHttpRequest.cpp
@@ -115,7 +115,7 @@ static bool isValidToken(const String& name)
return false;
}
- return true;
+ return length > 0;
}
static bool isValidHeaderValue(const String& name)
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list