Diff
Modified: trunk/LayoutTests/imported/w3c/ChangeLog (261060 => 261061)
--- trunk/LayoutTests/imported/w3c/ChangeLog 2020-05-03 07:44:32 UTC (rev 261060)
+++ trunk/LayoutTests/imported/w3c/ChangeLog 2020-05-03 09:53:55 UTC (rev 261061)
@@ -1,3 +1,17 @@
+2020-05-03 Rob Buis <[email protected]>
+
+ atob() should not accept a vertical tab
+ https://bugs.webkit.org/show_bug.cgi?id=184529
+
+ Reviewed by Darin Adler.
+
+ Update improved test expectations.
+
+ * web-platform-tests/fetch/data-urls/base64.any-expected.txt:
+ * web-platform-tests/fetch/data-urls/base64.any.worker-expected.txt:
+ * web-platform-tests/fetch/data-urls/resources/base64.json: Add test for unicode whitespace.
+ * web-platform-tests/html/webappapis/atob/base64-expected.txt:
+
2020-05-02 Devin Rousso <[email protected]>
[CSS Easing 1] implement `jump-*` step positions
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/data-urls/base64.any-expected.txt (261060 => 261061)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/data-urls/base64.any-expected.txt 2020-05-03 07:44:32 UTC (rev 261060)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/data-urls/base64.any-expected.txt 2020-05-03 09:53:55 UTC (rev 261061)
@@ -50,7 +50,9 @@
PASS data: URL base64 handling: "ab=c="
PASS data: URL base64 handling: "abc=d"
PASS data: URL base64 handling: "abc=d="
-FAIL data: URL base64 handling: "ab\vcd" assert_unreached: Should have rejected: undefined Reached unreachable code
+PASS data: URL base64 handling: "ab\vcd"
+PASS data: URL base64 handling: "ab cd"
+PASS data: URL base64 handling: "ab、cd"
PASS data: URL base64 handling: "ab\tcd"
PASS data: URL base64 handling: "ab\ncd"
PASS data: URL base64 handling: "ab\fcd"
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/data-urls/base64.any.worker-expected.txt (261060 => 261061)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/data-urls/base64.any.worker-expected.txt 2020-05-03 07:44:32 UTC (rev 261060)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/data-urls/base64.any.worker-expected.txt 2020-05-03 09:53:55 UTC (rev 261061)
@@ -50,7 +50,9 @@
PASS data: URL base64 handling: "ab=c="
PASS data: URL base64 handling: "abc=d"
PASS data: URL base64 handling: "abc=d="
-FAIL data: URL base64 handling: "ab\vcd" assert_unreached: Should have rejected: undefined Reached unreachable code
+PASS data: URL base64 handling: "ab\vcd"
+PASS data: URL base64 handling: "ab cd"
+PASS data: URL base64 handling: "ab、cd"
PASS data: URL base64 handling: "ab\tcd"
PASS data: URL base64 handling: "ab\ncd"
PASS data: URL base64 handling: "ab\fcd"
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/data-urls/resources/base64.json (261060 => 261061)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/data-urls/resources/base64.json 2020-05-03 07:44:32 UTC (rev 261060)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/data-urls/resources/base64.json 2020-05-03 09:53:55 UTC (rev 261061)
@@ -50,6 +50,8 @@
["abc=d", null],
["abc=d=", null],
["ab\u000Bcd", null],
+ ["ab\u3000cd", null],
+ ["ab\u3001cd", null],
["ab\tcd", [105, 183, 29]],
["ab\ncd", [105, 183, 29]],
["ab\fcd", [105, 183, 29]],
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/webappapis/atob/base64-expected.txt (261060 => 261061)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/webappapis/atob/base64-expected.txt 2020-05-03 07:44:32 UTC (rev 261060)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/webappapis/atob/base64-expected.txt 2020-05-03 09:53:55 UTC (rev 261061)
@@ -335,7 +335,9 @@
PASS atob("ab=c=")
PASS atob("abc=d")
PASS atob("abc=d=")
-FAIL atob("ab\vcd") assert_throws: function "() => window.atob(input)" did not throw
+PASS atob("ab\vcd")
+PASS atob("ab cd")
+PASS atob("ab、cd")
PASS atob("ab\tcd")
PASS atob("ab\ncd")
PASS atob("ab\fcd")
Modified: trunk/Source/WTF/ChangeLog (261060 => 261061)
--- trunk/Source/WTF/ChangeLog 2020-05-03 07:44:32 UTC (rev 261060)
+++ trunk/Source/WTF/ChangeLog 2020-05-03 09:53:55 UTC (rev 261061)
@@ -1,3 +1,17 @@
+2020-05-03 Rob Buis <[email protected]>
+
+ atob() should not accept a vertical tab
+ https://bugs.webkit.org/show_bug.cgi?id=184529
+
+ Reviewed by Darin Adler.
+
+ Add an option to allow discarding of base64 decoding
+ when a vertical tab is encountered.
+
+ * wtf/text/Base64.cpp:
+ (WTF::base64DecodeInternal):
+ * wtf/text/Base64.h:
+
2020-05-02 Mark Lam <[email protected]>
Gardening: rolling out r261050 and r261051.
Modified: trunk/Source/WTF/wtf/text/Base64.cpp (261060 => 261061)
--- trunk/Source/WTF/wtf/text/Base64.cpp 2020-05-03 07:44:32 UTC (rev 261060)
+++ trunk/Source/WTF/wtf/text/Base64.cpp 2020-05-03 09:53:55 UTC (rev 261061)
@@ -209,7 +209,8 @@
break;
}
out[outLength++] = decodedCharacter;
- } else if (!(options & Base64IgnoreSpacesAndNewLines) || !isSpaceOrNewline(ch)) {
+ } else if (!(options & Base64IgnoreSpacesAndNewLines)
+ || (!isLatin1(ch) || !isASCIISpace(ch) || ((options & Base64DiscardVerticalTab) && ch == '\v'))) {
hadError = true;
break;
}
Modified: trunk/Source/WTF/wtf/text/Base64.h (261060 => 261061)
--- trunk/Source/WTF/wtf/text/Base64.h 2020-05-03 07:44:32 UTC (rev 261060)
+++ trunk/Source/WTF/wtf/text/Base64.h 2020-05-03 09:53:55 UTC (rev 261061)
@@ -43,6 +43,7 @@
Base64Default = 0,
Base64ValidatePadding = 1 << 0,
Base64IgnoreSpacesAndNewLines = 1 << 1,
+ Base64DiscardVerticalTab = 1 << 2,
};
class SignedOrUnsignedCharVectorAdapter {
@@ -225,6 +226,7 @@
using WTF::Base64InsertLFs;
using WTF::Base64ValidatePadding;
using WTF::Base64IgnoreSpacesAndNewLines;
+using WTF::Base64DiscardVerticalTab;
using WTF::base64Encode;
using WTF::base64Decode;
using WTF::base64URLDecode;
Modified: trunk/Source/WebCore/ChangeLog (261060 => 261061)
--- trunk/Source/WebCore/ChangeLog 2020-05-03 07:44:32 UTC (rev 261060)
+++ trunk/Source/WebCore/ChangeLog 2020-05-03 09:53:55 UTC (rev 261061)
@@ -1,3 +1,25 @@
+2020-05-03 Rob Buis <[email protected]>
+
+ atob() should not accept a vertical tab
+ https://bugs.webkit.org/show_bug.cgi?id=184529
+
+ Reviewed by Darin Adler.
+
+ The forgiving-base64 decode algorithm [1] uses [2] to strip
+ out ASCII whitespace which does not include vertical tabs, so
+ change the atob() implementation to not strip out vertical
+ tabs and thus to fail decode on vertical tabs.
+
+ [1] https://infra.spec.whatwg.org/#forgiving-base64-decode
+ [2] https://infra.spec.whatwg.org/#ascii-whitespace
+
+ Behavior matches Firefox and Chrome.
+
+ * page/Base64Utilities.cpp:
+ (WebCore::Base64Utilities::atob):
+ * platform/network/DataURLDecoder.cpp:
+ (WebCore::DataURLDecoder::decodeBase64):
+
2020-05-02 Simon Fraser <[email protected]>
Add a log channel for OverlayScrollbars
Modified: trunk/Source/WebCore/page/Base64Utilities.cpp (261060 => 261061)
--- trunk/Source/WebCore/page/Base64Utilities.cpp 2020-05-03 07:44:32 UTC (rev 261060)
+++ trunk/Source/WebCore/page/Base64Utilities.cpp 2020-05-03 09:53:55 UTC (rev 261061)
@@ -47,7 +47,7 @@
return String();
Vector<char> out;
- if (!base64Decode(encodedString, out, Base64ValidatePadding | Base64IgnoreSpacesAndNewLines))
+ if (!base64Decode(encodedString, out, Base64ValidatePadding | Base64IgnoreSpacesAndNewLines | Base64DiscardVerticalTab))
return Exception { InvalidCharacterError };
return String(out.data(), out.size());
Modified: trunk/Source/WebCore/platform/network/DataURLDecoder.cpp (261060 => 261061)
--- trunk/Source/WebCore/platform/network/DataURLDecoder.cpp 2020-05-03 07:44:32 UTC (rev 261060)
+++ trunk/Source/WebCore/platform/network/DataURLDecoder.cpp 2020-05-03 09:53:55 UTC (rev 261061)
@@ -159,7 +159,7 @@
if (!base64URLDecode(task.encodedData.toStringWithoutCopying(), buffer)) {
// Didn't work, try unescaping and decoding as base64.
auto unescapedString = decodeURLEscapeSequences(task.encodedData.toStringWithoutCopying());
- if (!base64Decode(unescapedString, buffer, Base64IgnoreSpacesAndNewLines))
+ if (!base64Decode(unescapedString, buffer, Base64IgnoreSpacesAndNewLines | Base64DiscardVerticalTab))
return;
}
buffer.shrinkToFit();
