Diff
Modified: trunk/Source/WebCore/ChangeLog (93749 => 93750)
--- trunk/Source/WebCore/ChangeLog 2011-08-25 00:35:44 UTC (rev 93749)
+++ trunk/Source/WebCore/ChangeLog 2011-08-25 00:59:51 UTC (rev 93750)
@@ -1,3 +1,18 @@
+2011-08-24 Eric Uhrhane <er...@chromium.org>
+
+ Reviewed by Adam Barth.
+
+ [filesystem/Chromium] Filesystem paths need proper URL escaping
+ https://bugs.webkit.org/show_bug.cgi?id=62811
+
+ Fix http://code.google.com/p/chromium/issues/detail?id=78860 by making
+ KURLChromium.cpp's escaping code actually work.
+
+ Make encodeWithURLEscapeSequences call into googleurl to do proper
+ escaping. Tested in WebKit/chromium/tests/KURLTest.cpp.
+ * platform/KURLGoogle.cpp:
+ (WebCore::encodeWithURLEscapeSequences):
+
2011-08-24 Chris Palmer <pal...@google.com>
Resolve potential integer overflow in memory allocation, and ensure
Modified: trunk/Source/WebCore/page/SecurityOrigin.cpp (93749 => 93750)
--- trunk/Source/WebCore/page/SecurityOrigin.cpp 2011-08-25 00:35:44 UTC (rev 93749)
+++ trunk/Source/WebCore/page/SecurityOrigin.cpp 2011-08-25 00:59:51 UTC (rev 93750)
@@ -65,7 +65,6 @@
return schemes.contains(scheme);
}
-
SecurityOrigin::SecurityOrigin(const KURL& url, SandboxFlags sandboxFlags)
: m_sandboxFlags(sandboxFlags)
, m_protocol(url.protocol().isNull() ? "" : url.protocol().lower())
@@ -91,7 +90,7 @@
isBlobOrFileSystemProtocol = true;
#endif
if (isBlobOrFileSystemProtocol) {
- KURL originURL(ParsedURLString, url.path());
+ KURL originURL(ParsedURLString, decodeURLEscapeSequences(url.path()));
if (originURL.isValid()) {
m_protocol = originURL.protocol().lower();
m_host = originURL.host().lower();
Modified: trunk/Source/WebCore/platform/KURLGoogle.cpp (93749 => 93750)
--- trunk/Source/WebCore/platform/KURLGoogle.cpp 2011-08-25 00:35:44 UTC (rev 93749)
+++ trunk/Source/WebCore/platform/KURLGoogle.cpp 2011-08-25 00:59:51 UTC (rev 93750)
@@ -834,15 +834,6 @@
protocol);
}
-// This is called to escape a URL string. It is only used externally when
-// constructing mailto: links to set the query section. Since our query setter
-// will automatically do the correct escaping, this function does not have to
-// do any work.
-//
-// There is a possibility that a future caller may use this function in other
-// ways, and may expect to get a valid URL string. The dangerous thing we want
-// to protect against here is accidentally getting '\0' characters in a string
-// that is not supposed to have them. Therefore, we escape these characters.
String encodeWithURLEscapeSequences(const String& notEncodedString)
{
CString utf8 = UTF8Encoding().encode(
@@ -851,15 +842,12 @@
URLEncodedEntitiesForUnencodables);
const char* input = utf8.data();
int inputLength = utf8.length();
+ url_canon::RawCanonOutputT<char> buffer;
+ if (buffer.length() < inputLength * 3)
+ buffer.Resize(inputLength * 3);
- Vector<char, 2048> buffer;
- for (int i = 0; i < inputLength; i++) {
- if (!input[i])
- buffer.append("%00", 3);
- else
- buffer.append(input[i]);
- }
- return String(buffer.data(), buffer.size());
+ url_util::EncodeURIComponent(input, inputLength, &buffer);
+ return String(buffer.data(), buffer.length());
}
bool KURL::isHierarchical() const
Modified: trunk/Source/WebKit/chromium/ChangeLog (93749 => 93750)
--- trunk/Source/WebKit/chromium/ChangeLog 2011-08-25 00:35:44 UTC (rev 93749)
+++ trunk/Source/WebKit/chromium/ChangeLog 2011-08-25 00:59:51 UTC (rev 93750)
@@ -1,3 +1,23 @@
+2011-08-24 Eric Uhrhane <er...@chromium.org>
+
+ Reviewed by Adam Barth.
+
+ [filesystem/Chromium] Filesystem paths need proper URL escaping
+ https://bugs.webkit.org/show_bug.cgi?id=62811
+
+ Fix http://code.google.com/p/chromium/issues/detail?id=78860 by making
+ KURLChromium.cpp's escaping code actually work.
+
+ Here I added the needed calls to encodeWithURLEscapeSequences.
+ * src/AsyncFileSystemChromium.cpp:
+ (WebCore::AsyncFileSystemChromium::virtualPathToFileSystemURL):
+ * src/WorkerAsyncFileSystemChromium.cpp:
+ (WebCore::WorkerAsyncFileSystemChromium::virtualPathToFileSystemURL):
+
+ Here I updated the test to reflect the new functionality in
+ encodeWithURLEscapeSequences.
+ * tests/KURLTest.cpp:
+
2011-08-24 Ilya Sherman <isher...@chromium.org>
Remove some dead Autofill code
Modified: trunk/Source/WebKit/chromium/src/AsyncFileSystemChromium.cpp (93749 => 93750)
--- trunk/Source/WebKit/chromium/src/AsyncFileSystemChromium.cpp 2011-08-25 00:35:44 UTC (rev 93749)
+++ trunk/Source/WebKit/chromium/src/AsyncFileSystemChromium.cpp 2011-08-25 00:59:51 UTC (rev 93750)
@@ -177,7 +177,7 @@
ASSERT(!m_filesystemRootURL.isEmpty());
KURL url = ""
// Remove the extra leading slash.
- url.setPath(url.path() + virtualPath.substring(1));
+ url.setPath(url.path() + encodeWithURLEscapeSequences(virtualPath.substring(1)));
return url;
}
Modified: trunk/Source/WebKit/chromium/src/WorkerAsyncFileSystemChromium.cpp (93749 => 93750)
--- trunk/Source/WebKit/chromium/src/WorkerAsyncFileSystemChromium.cpp 2011-08-25 00:35:44 UTC (rev 93749)
+++ trunk/Source/WebKit/chromium/src/WorkerAsyncFileSystemChromium.cpp 2011-08-25 00:59:51 UTC (rev 93750)
@@ -227,7 +227,7 @@
ASSERT(!m_filesystemRootURL.isEmpty());
KURL url = ""
// Remove the extra leading slash.
- url.setPath(url.path() + virtualPath.substring(1));
+ url.setPath(url.path() + encodeWithURLEscapeSequences(virtualPath.substring(1)));
return url;
}
Modified: trunk/Source/WebKit/chromium/tests/KURLTest.cpp (93749 => 93750)
--- trunk/Source/WebKit/chromium/tests/KURLTest.cpp 2011-08-25 00:35:44 UTC (rev 93749)
+++ trunk/Source/WebKit/chromium/tests/KURLTest.cpp 2011-08-25 00:59:51 UTC (rev 93750)
@@ -306,23 +306,51 @@
TEST(KURLTest, Encode)
{
+ struct EncodeCase {
+ const char* input;
+ const char* output;
+ } encode_cases[] = {
+ {"hello, world", "hello%2C%20world"},
+ {"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F",
+ "%01%02%03%04%05%06%07%08%09%0A%0B%0C%0D%0E%0F"},
+ {"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
+ "%10%11%12%13%14%15%16%17%18%19%1A%1B%1C%1D%1E%1F"},
+ {" !\"#$%&'()*+,-./",
+ "%20!%22%23%24%25%26'()*%2B%2C-.%2F"},
+ {"0123456789:;<=>?",
+ "0123456789%3A%3B%3C%3D%3E%3F"},
+ {"@ABCDEFGHIJKLMNO",
+ "%40ABCDEFGHIJKLMNO"},
+ {"PQRSTUVWXYZ[\\]^_",
+ "PQRSTUVWXYZ%5B%5C%5D%5E_"},
+ {"`abcdefghijklmno",
+ "%60abcdefghijklmno"},
+ {"pqrstuvwxyz{|}~\x7f",
+ "pqrstuvwxyz%7B%7C%7D~%7F"},
+ };
+
+ for (size_t i = 0; i < ARRAYSIZE_UNSAFE(encode_cases); i++) {
+ WTF::String input(encode_cases[i].input);
+ WTF::String expectedOutput(encode_cases[i].output);
+ WTF::String output = WebCore::encodeWithURLEscapeSequences(input);
+ EXPECT_EQ(expectedOutput, output);
+ }
+
+ // Our encode escapes NULLs for safety, so we need to check that too.
+ WTF::String input("\x00\x01", 2);
+ WTF::String reference("%00%01");
+
+ WTF::String output = WebCore::encodeWithURLEscapeSequences(input);
+ EXPECT_EQ(reference, output);
+
// Also test that it gets converted to UTF-8 properly.
char16 wideInputHelper[3] = { 0x4f60, 0x597d, 0 };
WTF::String wideInput(
reinterpret_cast<const ::UChar*>(wideInputHelper), 2);
- WTF::String wideReference("\xe4\xbd\xa0\xe5\xa5\xbd", 6);
+ WTF::String wideReference("%E4%BD%A0%E5%A5%BD");
WTF::String wideOutput =
WebCore::encodeWithURLEscapeSequences(wideInput);
EXPECT_EQ(wideReference, wideOutput);
-
- // Our encode only escapes NULLs for safety (see the implementation for
- // more), so we only bother to test a few cases.
- WTF::String input(
- "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", 16);
- WTF::String reference(
- "%00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", 18);
- WTF::String output = WebCore::encodeWithURLEscapeSequences(input);
- EXPECT_EQ(reference, output);
}
TEST(KURLTest, ResolveEmpty)
